What is CVE-2026-21858?

CVE-2026-21858 is a critical-severity vulnerability in N8n-io N8n, classified under Improper Input Validation. CVSS score: 10.0/10. Published 2026-01-07.

How severe is CVE-2026-21858?

Critical severity. CVSS v3 base score is 10.0 out of 10.

Is CVE-2026-21858 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in N8n-io N8n

CVE-2026-21858

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.069 (91.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N.

Affected products

N8n-io N8n — versions >= 1.65.0, < 1.121.0

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg (x_refsource_CONFIRM)
https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858 (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-21858?: CVE-2026-21858 is a critical-severity vulnerability in N8n-io N8n, classified under Improper Input Validation. CVSS score: 10.0/10. Published 2026-01-07.
How severe is CVE-2026-21858?: Critical severity. CVSS v3 base score is 10.0 out of 10.
Is CVE-2026-21858 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.