Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858)

Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858)
DRANK

Cyera Research Labs has discovered a "worst-case scenario" flaw in n8n, the industry-leading platform for AI and workflow automation. Dubbed "Ni8mare," this vulnerability (CVE-2026-21858) allows an unauthenticated remote attacker to gain full administrative control over an n8n instance.

cyera.com 3 days ago

Open page

https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858