Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858)

www.cyera.com

cross-posted to:
cybersecurity

Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858)

www.cyera.com

digicatM to

blueteamsecEnglish · 7 days ago

cross-posted to:
cybersecurity

Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs

www.cyera.com

Cyera Research Labs has discovered a "worst-case scenario" flaw in n8n, the industry-leading platform for AI and workflow automation. Dubbed "Ni8mare," this vulnerability (CVE-2026-21858) allows an unauthenticated remote attacker to gain full administrative control over an n8n instance.

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

21 users / day
74 users / week
291 users / month
950 users / 6 months
219 local subscribers
592 subscribers
2.01K Posts
160 Comments
Modlog

mods:
digicat