The Cyber Security News


n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

January 7, 2026

Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE).

The vulnerability, which has been assigned the CVE identifier CVE-2026-21877, is rated 10.0 on the CVSS scoring system.


“Under certain conditions, an authenticated user may be able to cause untrusted code to be executed by the n8n service,” n8n said in an advisory released Tuesday. “This could result in full compromise of the affected instance.”


The maintainers said both self-hosted deployments and n8n Cloud instances are impacted. The issue impacts the following versions –

  • >= 0.123.0
  • < 1.121.3

It has been addressed in version 1.121.3, which was released in November 2025. Security researcher Théo Lelasseux (@theolelasseux) has been credited with discovering and reporting the flaw.

Users are advised to upgrade to this version or later to completely address the vulnerability. If immediate patching is not possible, it’s essential that administrators limit exposure by disabling the Git node and limiting access for untrusted users.
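For administrators triaging several instances against the range above, the following is an added example, not code from n8n or from the advisory. It assumes the Git node is disabled through n8n's `NODES_EXCLUDE` environment variable and that the node's type name is `n8n-nodes-base.git`; the inventory entries are constructed.

```python
import json
import re

# Range stated in the article: >= 0.123.0 and < 1.121.3 (fixed in 1.121.3).
FIRST_AFFECTED, FIRST_FIXED = (0, 123, 0), (1, 121, 3)
GIT_NODE = "n8n-nodes-base.git"  # assumption: Git node type name in NODES_EXCLUDE

def parse_version(text):
    """Parse 'X.Y.Z' or 'vX.Y.Z'; anything else (tags, pre-releases) is rejected."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(part) for part in m.groups())

def is_affected(version):
    # Compare numerically: as strings, "1.99.0" would sort after "1.121.3".
    return FIRST_AFFECTED <= parse_version(version) < FIRST_FIXED

def git_node_excluded(raw_value):
    try:
        excluded = json.loads(raw_value or "[]")
    except json.JSONDecodeError:
        return False  # malformed setting: do not count it as a mitigation
    return isinstance(excluded, list) and GIT_NODE in excluded

def triage(instance):
    try:
        affected = is_affected(instance["version"])
    except ValueError:
        return "review-manually"
    if not affected:
        return "outside-affected-range"
    if git_node_excluded(instance.get("nodes_exclude")):
        return "upgrade-needed (Git node excluded)"
    return "upgrade-needed (Git node enabled)"

# Constructed inventory for illustration; not real hosts.
INVENTORY = [
    {"name": "automation-prod", "version": "1.120.4", "nodes_exclude": None},
    {"name": "automation-dev", "version": "1.99.0", "nodes_exclude": '["n8n-nodes-base.git"]'},
    {"name": "patched", "version": "v1.121.3", "nodes_exclude": None},
    {"name": "nightly", "version": "1.121.3-rc1", "nodes_exclude": "not json"},
]

def report(inventory=INVENTORY):
    return {item["name"]: triage(item) for item in inventory}

if __name__ == "__main__":
    print(json.dumps(report(), indent=2))
```

Instances with the Git node excluded are still reported as needing the upgrade, since the article describes that step only as a way to limit exposure until patching.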

The disclosure comes as n8n has addressed a steady stream of critical flaws in the platform (CVE-2025-68613 and CVE-2025-68668, CVSS scores: 9.9) that could lead to code execution under specific conditions.



Some parts of this article are sourced from:
thehackernews.com
