CVE-2026-21858 aka Ni8mare: Critical Unauthenticated Remote Code Execution Vulnerability in n8n Platform

January 09, 2026 · 3 min read
The surge of critical vulnerabilities shows no signs of slowing as 2026 begins. In the aftermath of the MongoBleed (CVE-2025-14847) disclosure, another critical flaw has surfaced, impacting the n8n AI workflow automation platform. Tracked as CVE-2026-21858 and dubbed Ni8mare, the flaw carries a maximum-severity score (CVSS 10.0) and might give an attacker full control over exposed n8n instances.

The risk is amplified by the platform’s exposure footprint. Attack surface management provider Censys reports observing more than 26,500 internet-accessible n8n hosts worldwide, highlighting a substantial potential attack surface for active exploitation.

Register for the SOC Prime Platform, home to the world’s largest Detection Intelligence dataset, delivering an end-to-end pipeline from threat detection through simulation to elevate your SOC capabilities and proactively defend against cyber threats of any sophistication. Press the Explore Detections button to access a context-enriched collection of rules addressing vulnerability exploitation, filtered by the relevant CVE tag.

Explore Detections

All the rules are compatible with multiple SIEM, EDR, and Data Lake formats and mapped to the MITRE ATT&CK® v18.1 framework. Additionally, each rule is enriched with CTI links, attack timelines, audit configurations, triage recommendations, and more relevant context.

Security engineers can also leverage Uncoder AI, an IDE and co-pilot for detection engineering. With Uncoder, defenders can instantly convert IOCs into custom hunting queries, craft detection code from raw threat reports, generate Attack Flow diagrams, enable ATT&CK tags prediction, leverage AI-driven query optimization, and translate detection content across multiple platforms.

CVE-2026-21858 Analysis

CVE-2026-21858, dubbed Ni8mare, exposes a critical flaw in n8n’s webhook request parsing and file handling logic. According to the Cyera Research Labs report, the vulnerability arises from the way Webhook nodes process incoming HTTP requests based on the “Content-Type” header. 

When a request is received, n8n determines how to parse it by inspecting the “Content-Type”. If the header is set to multipart/form-data, the request is processed by the parseFormData() function. This function is a wrapper around Formidable’s parse() method and saves uploaded files to a randomly generated path in the system’s temporary directory, storing the file information in the req.body.files global variable.

For all other “Content-Type” values, n8n uses the parseBody() function, which parses the HTTP body and stores the decoded data in the req.body global variable.

Cyera researchers found that a crafted HTTP request sent to a Forms Webhook node could deliberately misstate the “Content-Type” header as something other than multipart/form-data. When processed this way, parseBody() can be abused to overwrite the req.body.files variable with attacker-controlled data.

With control over the req.body.files object, an attacker can specify arbitrary file paths on the local system. The Form node later calls the prepareFormReturnItem() function, which iterates over the entries in req.body.files and invokes copyBinaryFile() for each one. This process does not verify whether the files originated from a legitimate upload, causing the specified local files to be copied into persistent storage instead.
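A simplified model of the parsing flow described above, with the provenance check that the copy step lacks. This is an added example, not n8n's code or the vendor's fix; the function names, request shapes and paths are hypothetical, and the sample requests are constructed.

```javascript
// Simplified model of the two parsing branches. All names are hypothetical;
// this is not n8n's source code.

// Descriptors created by the multipart parser are recorded here, so later
// stages can tell a real upload from body data that merely looks like one.
const trustedUploads = new WeakSet();

// Stand-in for the multipart branch: the server chooses the temp path.
function parseMultipart(req, uploads) {
  req.body = { files: {} };
  for (const [field, name] of Object.entries(uploads)) {
    const file = { filepath: `/tmp/upload-${field}`, originalFilename: name };
    trustedUploads.add(file);
    req.body.files[field] = file;
  }
}

// Stand-in for the generic branch: the decoded body is stored as sent,
// including any client-supplied "files" key.
function parseGeneric(req, rawBody) {
  req.body = JSON.parse(rawBody);
}

function parseRequest(req, payload) {
  const type = (req.headers['content-type'] || '').toLowerCase();
  if (type.startsWith('multipart/form-data')) parseMultipart(req, payload);
  else parseGeneric(req, payload);
}

// Hardened collection step: keep only descriptors the multipart parser made.
function collectUploads(req) {
  const result = { accepted: [], rejected: [] };
  const files = req.body && typeof req.body.files === 'object' ? req.body.files : null;
  for (const [field, file] of Object.entries(files || {})) {
    const genuine = file !== null && typeof file === 'object' && trustedUploads.has(file);
    (genuine ? result.accepted : result.rejected).push(field);
  }
  return result;
}

// Constructed sample requests: one real upload, one mislabelled body.
const upload = { headers: { 'content-type': 'multipart/form-data; boundary=x' } };
parseRequest(upload, { resume: 'cv.pdf' });
const confused = { headers: { 'content-type': 'application/json' } };
parseRequest(confused, '{"files":{"resume":{"filepath":"/path/chosen/by/client"}}}');
console.log(collectUploads(upload), collectUploads(confused));
```

The rejected list is also a useful logging signal: a non-multipart request whose body carries a `files` key is not something a normal form submission produces.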

The issue was reported to n8n on November 9, 2025, and the vendor confirmed that CVE-2026-21858 allows unauthenticated attackers to access files on the underlying server. Exploitation can lead to sensitive data exposure, workflow manipulation, credential compromise, and, in some configurations, full instance compromise.

According to the vendor’s advisory, CVE-2026-21858 affects all versions of the n8n platform prior to and including 1.65.0. It has been addressed in version 1.121.0, released on November 18, 2025. Users should upgrade to version 1.121.0 or later to remediate the issue.

No official workarounds are available. As a temporary mitigation, users may restrict or disable publicly accessible webhook and form endpoints until the upgrade can be applied. Additionally, organizations can leverage SOC Prime’s AI-native Detection Intelligence Platform for real-time defense, helping them stay ahead of critical threats backed by an extensive library of curated detection rules, actionable intelligence, and AI.
