Critical “Ni8mare” Bug Allows Hackers to Take Over n8n Servers
▼ Summary
– A critical vulnerability (CVE-2026-21858, “Ni8mare”) with a maximum CVSS score of 10.0 has been discovered in the n8n automation platform, allowing unauthenticated remote attackers to take over instances.
– The flaw’s impact is severe because n8n centrally stores enterprise secrets like API keys and cloud credentials, making a compromised server a single point of failure for massive data exposure.
– The vulnerability exploits a parsing mismatch in webhooks; by manipulating a request’s content-type header, attackers can control file paths and read arbitrary local files from the server.
– Successful exploitation can lead to secret theft, session forgery, code execution, and full system compromise, with over 100,000 servers potentially exposed.
– Users must upgrade to n8n version 1.121.0 or later to fix the issue, as there are no available workarounds for this patched vulnerability.
A critical security flaw has been discovered in the widely used workflow automation platform n8n, posing a significant risk to organizations that deploy it on their own infrastructure. Dubbed “Ni8mare,” this vulnerability carries a maximum severity rating of 10.0 on the CVSS scale, indicating that remote attackers without any authentication can exploit it to seize control of servers. With the platform boasting over 100 million Docker pulls and potentially 100,000 exposed instances, the scope for damage is considerable. Given n8n’s role in connecting critical services like cloud storage, payment processors, and CI/CD pipelines, a single compromised server could hand over a treasure trove of sensitive enterprise data.
The impact of a successful attack extends far beyond the initial breach. An exploited n8n instance acts as a centralized single point of failure, where API keys, OAuth tokens, and database credentials converge. This makes the platform a prime target for threat actors seeking to move laterally through a network. Security researchers emphasize that losing one n8n server effectively means surrendering the keys to every integrated system, from internal databases to external cloud services. There are no available workarounds for this flaw; the only definitive remediation is to immediately upgrade installations to version 1.121.0 or a later release.
The vulnerability stems from how the platform processes webhooks that trigger automated workflows. n8n uses different parsers to handle incoming data based on the “content-type” header in a webhook request. For secure handling of file uploads sent as “multipart/form-data,” it employs a specific parser that stores files in temporary locations. However, for all other content types, a standard parser is used instead. The security weakness arises because a function related to file processing does not verify that the incoming request is actually a legitimate file upload.
By simply changing the content-type header to something like application/json, an attacker can bypass the secure file upload parser. This manipulation allows them to control the metadata and file path parameters that n8n uses. Instead of pointing to a newly uploaded file, an attacker can direct the system to any local file on the server. Consequently, the workflow nodes receive the content of a local system file chosen by the attacker, not a user-uploaded document. This mechanism enables the reading of arbitrary files from the server’s filesystem.
This arbitrary file read capability opens the door to several severe attack vectors. Exploiting Ni8mare can lead to the exposure of secrets, injection of malicious files into workflows, forgery of session cookies to bypass authentication, and ultimately, the execution of arbitrary code on the compromised server. The n8n security team addressed the vulnerability promptly after it was privately reported, releasing a patch within nine days. Organizations using self-hosted n8n are urged to prioritize this update to protect their integrated systems and sensitive data from potential takeover.
(Source: InfoSecurity Magazine)
