
n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

Published: 7 January 2026 at 11:26:00

Alert date: 7 January 2026 at 13:02:49

Source: thehackernews.com

Enterprise Applications, Zero-Day Vulnerabilities, Web Technologies

The open-source workflow automation platform n8n has disclosed a critical vulnerability, CVE-2026-21877, with the maximum CVSS score of 10.0. The flaw allows authenticated remote code execution (RCE): under certain conditions, an authenticated user can cause untrusted code to be executed. The vulnerability affects both self-hosted and cloud versions of the n8n platform.

Technical details

CVE-2026-21877 is a maximum-severity (CVSS 10.0) remote code execution vulnerability in the n8n workflow automation platform. Under certain conditions, an authenticated user may be able to cause untrusted code to be executed by the n8n service, potentially resulting in full compromise of the affected instance. The vulnerability affects both self-hosted deployments and n8n Cloud instances.

Mitigation steps:

Upgrade to n8n version 1.121.3 or later
If immediate patching is not possible, disable the Git node
Limit access for untrusted users
Limit exposure by restricting administrator access

Affected products:

n8n workflow automation platform versions >= 0.123.0 and < 1.121.3
n8n self-hosted deployments
n8n Cloud instances
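
To triage an instance against the version range and the Git-node mitigation above, the following added example (not from n8n or the original advisory) checks a version string against the stated range and lists Git nodes in a workflow export. It assumes an export in the JSON layout written by `n8n export:workflow`; the sample export is constructed.

```python
import json
import re

# Affected range as stated in the advisory: >= 0.123.0 and < 1.121.3
FIRST_AFFECTED = (0, 123, 0)
FIRST_FIXED = (1, 121, 3)
GIT_NODE_TYPE = "n8n-nodes-base.git"  # type string of n8n's built-in Git node


def parse_version(text):
    """Extract (major, minor, patch) from strings like '1.120.4' or 'n8n@1.120.4'.
    Pre-release suffixes (e.g. '-beta') are ignored, so verify those by hand."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no semantic version found in {text!r}")
    return tuple(int(p) for p in m.groups())


def is_affected(version_text):
    """True if the version falls inside the advisory's affected range."""
    return FIRST_AFFECTED <= parse_version(version_text) < FIRST_FIXED


def workflows_using_git(export_json):
    """Return (workflow name, node name) pairs for every Git node in an export."""
    data = json.loads(export_json)
    workflows = data if isinstance(data, list) else [data]
    hits = []
    for wf in workflows:
        for node in wf.get("nodes", []):
            if node.get("type") == GIT_NODE_TYPE:
                hits.append((wf.get("name", "<unnamed>"),
                             node.get("name", "<unnamed>")))
    return hits


# Constructed sample export (not real data): two workflows, one with a Git node.
SAMPLE_EXPORT = json.dumps([
    {"name": "Nightly backup", "nodes": [
        {"name": "Schedule", "type": "n8n-nodes-base.scheduleTrigger"},
        {"name": "Push config", "type": "n8n-nodes-base.git"}]},
    {"name": "Ticket triage", "nodes": [
        {"name": "Webhook", "type": "n8n-nodes-base.webhook"}]},
])

if __name__ == "__main__":
    for v in ("0.122.9", "1.120.4", "1.121.3"):
        print(v, "AFFECTED" if is_affected(v) else "not affected")
    for wf, node in workflows_using_git(SAMPLE_EXPORT):
        print(f"Git node '{node}' in workflow '{wf}'")
```

n8n's `NODES_EXCLUDE` environment variable takes a JSON array of node type strings, so the same identifier can be used to stop the Git node from loading until the upgrade is in place.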

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information originating from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.
