A maximum-severity flaw in the open source automation platform n8n allows unauthenticated attackers to take full control of servers, exposing critical secrets and connected systems. The incident highlights growing security risks in self-hosted open source infrastructure.
A critical unauthenticated remote code execution (RCE) vulnerability has been discovered in n8n, a widely used open source, self-hosted automation platform, exposing an estimated 100,000 servers to complete takeover.
The flaw, tracked as CVE-2026-21858 and carrying a CVSS score of 10.0, allows attackers to execute arbitrary code without authentication. Dubbed “ni8mare”, the vulnerability enables anyone with network access to seize full control of a vulnerable n8n instance, with no workaround available other than patching.
n8n is commonly deployed as critical automation infrastructure, orchestrating workflows across chat applications, forms, cloud storage, databases, and third-party APIs. Successful exploitation grants attackers access to high-value secrets, including API credentials, OAuth tokens, customer data, CI/CD pipelines, IAM systems, payment processors, and cloud storage, while also enabling lateral movement into connected environments.
According to Cyera, which uncovered the issue, the vulnerability stems from a flaw in n8n’s webhook processing. By exploiting a Content-Type Confusion issue, attackers can manipulate HTTP headers to overwrite internal variables, read arbitrary files, and escalate the attack to full remote code execution.
Cyera researcher Dor Attias warned:
“Imagine a large enterprise with 10,000+ employees with one n8n server that anyone uses. A compromised n8n instance doesn’t just mean losing one system – it means handing attackers the keys to everything.”
The vulnerability was privately disclosed on 9 November 2025, confirmed by n8n the following day, and patched on 18 November 2025 in version 1.121.0, weeks before the CVE was publicly assigned in January 2026. However, the low-profile release raises concerns that many self-hosted deployments remain unpatched.
