Critical vulnerability in automation tool: n8n allows code smuggling
The popular tool for creating no-code workflows has four critical vulnerabilities, one with the highest score. Admins should patch quickly.
The no-code automation solution n8n is very popular, as it allows even programming beginners to set up complex workflows with a graphical tool, make API requests, and call LLMs automatically. However, four critical security vulnerabilities, one of them with the maximum score of 10 points, are currently spoiling the tool for system administrators. Experts are divided on how critical the top-rated vulnerability really is.
When security vulnerabilities with catchy, preferably scary-sounding names appear, the discerning reader often suspects nothing good, as is the case with "Ni8mare". This is what the security company Cyera called the flaw with the CVE ID CVE-2026-21858, classifying it as critical and assigning it the maximum CVSS score of 10. As soon as a web form created with n8n is reachable from the internet, attackers can read any file on the n8n server.
However, a new analysis of the vulnerability by Horizon3.ai puts the risk into perspective: while the security vulnerability is indeed present and can be exploited remotely, there are several prerequisites, none of which were met by any of the company's customers. For example, there is usually no way to exfiltrate the data obtained. Admins should patch their n8n instances, but panic is not necessary.
Vulnerability chaos with and without PoC
In addition to "Ni8mare", there is "N8scape" (CVE-2025-68668, CVSS 9.9, critical), a vulnerability published during the Christmas season, which allows authenticated users to execute Python code on the n8n host system, something the tool does not intend to permit. However, they must have sufficient permissions to create or modify workflows. CVE-2027-21877 (CVSS 9.9, critical) also allows unintended code execution.
However, the greatest danger currently comes from a vulnerability that is not classified as critical at all: CVE-2025-68613, with a CVSS score of 8.8, represents "only" a "high" risk, but it can be chained with "Ni8mare", as a proof-of-concept exploit (PoC) demonstrates. Applied to a vulnerable n8n instance, this chain not only reads files from the host system but also executes arbitrary system commands (Remote Code Execution, RCE). The reassuring analysis by Horizon3.ai may therefore be correct for "Ni8mare" on its own, but it is misleading once the flaw is combined with an additional security vulnerability.
Update to 2.0.0 recommended
If you use n8n on your own systems, for example as a Docker container, you should consider updating directly to version 2.0.0. Although some of the critical security vulnerabilities are also fixed in releases of the 1.x branch, its product support ends soon: on March 15, 2026, three months after the release of n8n 2.0.0.
In addition to the four critical vulnerabilities, the security vulnerability overview on GitHub lists further security problems that have been fixed in recent days and weeks.
n8n is a German start-up success story. The project recently won the "Rising Stars" award as the most popular JavaScript project, gaining 112,400 GitHub stars in 2025. The underlying n8n GmbH is considered a "unicorn" with a valuation of 2.5 billion US dollars after a nine-figure financial injection.
(cku)