CRITICAL🇵🇱 Wersja polska

CVE-2026-21858

CVSS 10.0v3.1pub. 2026-01-08upd. 2026-01-16

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.

🤖 AI Analysis
How it works

The vulnerability results from improper input validation (CWE-20) in the form workflow handling mechanism. An attacker can craft a request to a publicly accessible workflow, resulting in arbitrary file reads from the server file system without requiring any credentials. Depending on the deployment configuration and workflow content, further environment compromise is possible.

Impact

An attacker can gain access to sensitive files stored on the server (e.g., configurations, secrets, API keys), and depending on the deployment configuration, further system compromise may occur.

Mitigation & patch

n8n should be updated to version 1.121.0 or later, where the issue has been fixed. Until the update is applied, it is recommended to restrict network access to the n8n instance and disable public access to form-based workflows.

Who is affected

n8n versions 1.65.0 through 1.120.x (below 1.121.0)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
  • N8n

    APP
    N8N
    1.65.0 – 1.121.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-68613CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE w systemie ewaluacji wyrażeń n8n — krytyczna podatność

CVE-2026-44791CRITICAL9.4PL ✓ten sam produkt

RCE w n8n poprzez ominięcie łatki CVE-2026-42232 w węźle XML

CVE-2026-44789CRITICAL9.4PL ✓ten sam produkt

n8n: prototype pollution w HTTP Request node prowadzący do RCE

CVE-2026-44790CRITICAL9.4PL ✓ten sam produkt

Wstrzyknięcie flag CLI w węźle Git platformy n8n — odczyt dowolnych plików

CVE-2026-42231CRITICAL9.4PL ✓ten sam produkt

Prototype Pollution w n8n prowadzące do RCE przez webhook handler