Summary: Why This Matters

CVE-2026-21858 is a critical unauthenticated remote code execution (RCE) vulnerability affecting self-hosted n8n, a popular workflow automation platform used to orchestrate API calls, cloud services, and internal systems.

If an exposed n8n instance is vulnerable, an attacker can fully compromise it without credentials, extract automation secrets, and pivot into connected infrastructure. Running n8n in Docker does not automatically mitigate this risk.


Affected Software

  • n8n (self-hosted deployments)
  • Versions prior to 1.121.0

This vulnerability does not apply to n8n Cloud (hosted SaaS), where patching and exposure are centrally managed.


Severity

  • CVSS v3.1 Base Score: 10.0 (Critical)
  • Network exploitable
  • No authentication required
  • No user interaction
  • Full system compromise possible

This is a worst-case vulnerability class.


Vulnerability Overview

The root cause is improper Content-Type validation and input handling in n8n’s webhook and file-processing logic.

Specially crafted HTTP requests can bypass parsing safeguards, resulting in:

  • Arbitrary file reads within the n8n runtime
  • Exposure of configuration files, credentials, and database contents
  • Authentication bypass
  • Remote code execution (RCE) as the n8n process

Once secrets are exposed, attackers can rapidly escalate from data access to complete instance takeover.

Root cause category: Improper input validation (CWE-20)


Attack Vector

  • Unauthenticated HTTP requests
  • Target endpoints:
    • Webhooks
    • Form and file-processing endpoints
  • No prior access required

Any internet-reachable n8n instance is a viable target.


Impact

Successful exploitation allows an attacker to:

  • Read sensitive files
  • Extract stored secrets (API keys, OAuth tokens, database credentials)
  • Bypass authentication controls
  • Execute arbitrary commands
  • Fully control the n8n instance

Because n8n typically stores high-privilege automation credentials, compromise often extends beyond n8n into:

  • Cloud environments
  • Payment processors
  • CI/CD pipelines
  • Internal APIs and services

In practice, n8n is rarely the final target—it is the entry point.


Exploit Status

  • Proof-of-concept details are public
  • Active scanning of exposed instances is likely
  • No confirmed widespread exploitation reported yet

Given exploit simplicity and impact, targeted exploitation is expected.


Fix and Remediation

  • Upgrade to n8n version 1.121.0 or later
  • There are no effective workarounds
  • Network filtering alone is insufficient

If your instance was exposed while vulnerable:

  • Assume compromise
  • Rotate all credentials
  • Audit workflows for malicious persistence

What If n8n Is Running in Docker?

Running n8n in Docker can reduce blast radius, but does not make this vulnerability safe. Risk depends entirely on deployment configuration.

What Docker Helps With

  • Initial process isolation
  • Container-level filesystem separation
  • Faster rebuild and redeploy

That is where the benefits end.


Realistic Outcomes by Deployment Quality

Worst-Case (Common in the Wild)

Docker provides little protection if any of the following are true:

  • --privileged mode enabled
  • Docker socket mounted (/var/run/docker.sock)
  • Host directories mounted read-write
  • Container runs as root
  • Secrets passed via environment variables
  • n8n exposed directly to the internet

Result:

  • Unauthenticated RCE
  • Credential theft
  • Infrastructure compromise
  • Possible host escape
  • Cloud account takeover

In this scenario, Docker is security theater.


Typical “Okay-ish” Setup

  • No privileged mode
  • Some volumes mounted (workflows, database)
  • Runs as root inside container
  • Internet-exposed

Result:

  • Full n8n compromise
  • All workflows and secrets exposed
  • Attacker can persist via workflow logic and abuse connected systems

The host may survive. Everything n8n touches does not.


Hardened Container (Minimum Acceptable)

All of the following must be true:

  • Runs as a non-root user
  • No Docker socket mounted
  • No privileged mode
  • Minimal, read-only volumes
  • Secrets managed via a secure secrets manager (not environment variables)
  • Network restricted (reverse proxy with authentication)
  • Fully patched image
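As an added example (not from this advisory or from the n8n project), a small Python check that reads `docker inspect` output and reports which of the worst-case conditions listed above are present, so the "Hardened Container" checklist can be verified rather than assumed. The two inspect records are constructed samples; inferring the n8n version from the image tag is an assumption that fails closed for `latest` or digest-pinned images.

```python
import json

# Constructed `docker inspect` output trimmed to the fields this check reads;
# not captured from a real deployment.
WORST_CASE = json.dumps([{
    "Config": {"User": "", "Image": "n8nio/n8n:1.118.2",
               "Env": ["N8N_ENCRYPTION_KEY=abc123", "DB_POSTGRESDB_PASSWORD=hunter2", "TZ=UTC"]},
    "HostConfig": {"Privileged": True},
    "Mounts": [
        {"Type": "bind", "Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock", "RW": True},
        {"Type": "bind", "Source": "/srv/n8n", "Destination": "/home/node/.n8n", "RW": True}]}])
HARDENED = json.dumps([{
    "Config": {"User": "node", "Image": "n8nio/n8n:1.121.0", "Env": ["TZ=UTC"]},
    "HostConfig": {"Privileged": False},
    "Mounts": [{"Type": "volume", "Source": "n8n_data", "Destination": "/home/node/.n8n", "RW": True}]}])

FIXED_VERSION = (1, 121, 0)            # first release without CVE-2026-21858
SECRET_MARKERS = ("PASSWORD", "SECRET", "TOKEN", "KEY")

def parse_version(image):
    """Best-effort version from the image tag (assumption); None if it cannot be proven."""
    tag = image.rsplit(":", 1)[1] if ":" in image else ""
    try:
        return tuple(int(p) for p in tag.split("."))
    except ValueError:
        return None                      # 'latest', a digest, or no tag at all

def audit(inspect_json):
    """Return the list of worst-case conditions present in one container."""
    c = json.loads(inspect_json)[0]
    cfg, host = c["Config"], c["HostConfig"]
    findings = []
    ver = parse_version(cfg.get("Image", ""))
    if ver is None or ver < FIXED_VERSION:
        findings.append("image version not known to be >= 1.121.0")
    if host.get("Privileged"):
        findings.append("privileged mode")
    if cfg.get("User", "") in ("", "0", "root", "0:0"):
        findings.append("runs as root")
    for m in c.get("Mounts", []):
        if m["Source"] == "/var/run/docker.sock":
            findings.append("docker socket mounted")
        elif m["Type"] == "bind" and m.get("RW"):   # named volumes are not host dirs
            findings.append(f"host dir {m['Source']} mounted read-write")
    for env in cfg.get("Env", []):
        name = env.split("=", 1)[0]
        if any(k in name.upper() for k in SECRET_MARKERS):
            findings.append(f"secret passed via environment: {name}")
    return findings
```

Run it against `docker inspect <container>` output for each n8n container; an empty list means the listed conditions are absent, not that the instance is safe without the patch.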

Result:

  • RCE confined to the container
  • Impact limited and recoverable

Even here: patching is mandatory.


Reality Check

  • Docker is not a mitigation
  • Unauthenticated RCE means assume breach
  • Patching alone is insufficient after exposure
  • Secret rotation is mandatory
  • Workflow auditing is required

The real damage comes from the credentials n8n automates, not the application itself.


Final Takeaway

CVE-2026-21858 is a critical, unauthenticated RCE vulnerability in self-hosted n8n versions prior to 1.121.0. If your instance was reachable while unpatched, treat this as a security incident, not a routine update.

Patch immediately. Rotate secrets. Audit workflows.
