A critical unauthenticated remote code execution vulnerability discovered in n8n, the popular workflow automation platform, exposes an estimated 100,000 servers globally to complete takeover.
Tracked as CVE-2026-21858 with a maximum CVSS score of 10.0, the flaw allows unauthenticated attackers to execute arbitrary system commands and achieve full host compromise without triggering any alarms.
The vulnerability affects all n8n versions prior to 1.121.0 and poses the highest risk to self-hosted, internet-exposed deployments.
According to Censys data, 26,512 vulnerable hosts are currently trackable and reachable from the internet, presenting an immediate threat surface for opportunistic attackers and sophisticated threat actors alike.
n8n has become the backbone of enterprise automation infrastructure. With over 100 million Docker pulls and adoption across thousands of enterprises, the platform serves as a central integration point connecting organizational workflows, linking everything from Google Drive and Salesforce to payment processors, customer databases, and CI/CD pipelines.
A compromised n8n instance becomes a master key to an organization’s entire digital infrastructure.
The vulnerability’s exploitability stems from a subtle but critical flaw in how n8n’s webhook components parse incoming requests. The Form Webhook node, commonly deployed in HR systems for CV uploads, customer portals for file submissions, and enterprise knowledge-base platforms, fails to verify the Content-Type header before processing file uploads. This oversight allows attackers to manipulate request parsing logic and override file handling mechanisms.
From Authentication Bypass to Code Execution
The exploitation chain released by CYERA begins with a Content-Type confusion attack. When an attacker changes the Content-Type header from multipart/form-data to application/json, the middleware invokes the regular body parser instead of the file upload parser.
This allows an attacker to inject arbitrary file paths into the req.body.files object effectively bypassing Formidable’s security protections that normally prevent path traversal attacks.
Once an attacker controls the file path parameter, they can read any local file from the n8n host. This arbitrary file-read primitive forms the foundation for privilege escalation.
n8n stores user credentials and authentication secrets locally on disk in unencrypted form. The database typically resides at /home/node/.n8n/database.sqlite, while encryption secrets are stored in /home/node/.n8n/config.
By exploiting the vulnerability to load these configuration files into an organizational knowledge base through the Form node, attackers can extract the admin user credentials and JWT signing secrets.
With this information, attackers can forge valid authentication cookies and bypass all authentication mechanisms, effectively logging in as a system administrator without knowing the actual password.
Once authenticated as an administrator, achieving code execution becomes trivial. n8n’s “Execute Command” node allows users to run arbitrary system commands.
An attacker simply creates a new workflow containing this node and executes malicious commands with the same privileges as the n8n process, typically running as root in containerized deployments.
From this point, the blast radius expands catastrophically. Attackers gain access to all API credentials, OAuth tokens, database connection strings, and cloud storage credentials stored within n8n. In large enterprises where thousands of employees funnel automations through a single n8n instance, this represents a complete infrastructure compromise.
The implications extend far beyond a single compromised system. Consider a Fortune 500 company using n8n to orchestrate automations across departments: HR workflows processing employee data, finance automations handling payment processing, operations teams managing cloud infrastructure, and engineering teams integrating with CI/CD pipelines.
A compromised n8n instance becomes the pivot point for lateral movement across the entire organization’s technology stack.
Attackers gain the ability to deploy malware across dependent systems, exfiltrate sensitive data including trade secrets and customer information, manipulate financial transactions, compromise development pipelines, and establish persistent backdoors for long-term access.
n8n released version 1.121.0 on November 18, 2025, which addresses this critical flaw. The security community should treat this as an emergency patch requiring immediate deployment across all instances.
Organizations should implement the following remediation strategy: immediately update n8n to version 1.121.0 or later, restrict n8n instances from direct internet exposure when possible, require authentication for all Form nodes, and audit all workflows and stored credentials for unauthorized modifications.
The responsible disclosure timeline from initial report on November 9, 2025, through CVE assignment on January 6, 2026, demonstrates the security team at n8n’s commitment to addressing vulnerabilities swiftly.
However, the window between patch release and widespread deployment is a critical vulnerability period during which thousands of exposed instances remain at risk.
The 26,512 exposed n8n instances currently visible to internet scanning represent an active threat surface. Organizations should prioritize this vulnerability for immediate patching and implement network segmentation to prevent external access to automation platforms.
Given n8n’s role as a central integration hub, this vulnerability is among the highest-priority security issues for enterprises operating workflow automation infrastructure in 2026.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
