Ni8mare: The Unauthenticated RCE Haunting n8n (CVE-2026-21858)

In the world of workflow automation, n8n has become a powerhouse, allowing businesses to stitch together hundreds of apps and APIs. But a recently disclosed vulnerability, codenamed Ni8mare (CVE-2026-21858), has turned this automation dream into a security nightmare.

Discovered by Dor Attias of Cyera Research Labs, this flaw carries the highest possible severity rating—a CVSS score of 10.0. What makes Ni8mare particularly terrifying is that it requires zero authentication to exploit, potentially granting an attacker total control over an organization’s entire automation infrastructure.


The Anatomy of the Ni8mare

The vulnerability is rooted in a Content-Type confusion flaw: the webhook handler that receives n8n Form submissions passes request data to the file-handling logic without first checking what kind of request it is actually dealing with.

1. The Entry Point: Webhook Confusion

The flaw exists in the formWebhook() function, which processes submissions from n8n Form nodes. When a form submission includes a file, n8n calls copyBinaryFile() to take the uploaded file from the request and attach it to the workflow as binary data.

Under normal circumstances the request is multipart/form-data, and req.body.files holds the entries the multipart parser produced for the uploaded files. However, the researchers found that n8n did not verify the incoming Content-Type before trusting that object. An attacker who sends a JSON body with a files object of their own therefore controls every field copyBinaryFile() reads, including the path it will open.

2. The Primitive: Arbitrary File Read

Because the attacker controls the file object, they can point its filepath parameter at any file the n8n process can read. Instead of copying a freshly uploaded temporary file, copyBinaryFile() copies an existing file from the server's disk into the workflow's binary data, from where it can be exfiltrated.

The prime target is the n8n database: /home/node/.n8n/database.sqlite, the default location in the official Docker image. Instances that set a different N8N_USER_FOLDER, or use Postgres as the backing store, keep this data elsewhere, but the read primitive is not tied to one path.

3. The Escalation: Authentication Bypass to RCE

Once the attacker has read the SQLite database, they hold the keys to the kingdom. The database contains:

  • Encryption keys
  • Session secrets
  • User credentials

With these secrets the attacker can mint a valid administrator session cookie. Now logged in as an admin, they create a new workflow, add an Execute Command node, and run arbitrary OS commands with the privileges of the n8n service user.

The result is full Remote Code Execution (RCE) and complete compromise of the server.


Why the Blast Radius is Massive

n8n is designed to be a central hub. A compromised instance doesn’t just mean a leaked server; it means the attacker has access to every integration connected to that instance:

  • SaaS API Tokens (Slack, GitHub, Salesforce)
  • Database Credentials
  • Cloud Provider Keys (AWS, Azure, GCP)
  • Sensitive Customer Data flowing through active workflows

As Cyera researchers noted, n8n becomes a single point of failure—a goldmine for threat actors looking to pivot into a company’s deeper infrastructure.


Affected Versions & Remediation

The vulnerability impacts a wide range of n8n deployments, specifically through the handling of form-based workflows.

  • Affected Versions: the 1.x line, with 1.65.0 cited as the boundary of the vulnerable range. Since the fix only landed in 1.121.0, treat every release below 1.121.0 as exposed.
  • The Fix: n8n addressed the issue in version 1.121.0 and in the 2.x line.

Immediate Actions for Administrators:

  1. Update Now: Ensure your n8n instance is running at least version 1.121.0 or the latest 2.x release.
  2. Audit Webhooks: Review any workflows using “Form” or “Webhook” nodes that are exposed to the public internet.
  3. Enforce Authentication: Enable authentication on Form nodes and put the n8n editor behind a reverse proxy or VPN. Treat this as defense in depth rather than a substitute for patching: the flaw is reached without any credentials.
  4. Rotate Secrets: If you suspect your instance was exposed, rotate all API keys and credentials stored within n8n.

Conclusion

Ni8mare is a stark reminder that as we move toward “low-code” and “no-code” automation, the underlying security of these platforms becomes the bedrock of organizational safety. CVE-2026-21858 proves that even a simple check on a Content-Type header can be the difference between a secure workflow and a total breach.