CVE-2026-21877
Remote Code Execution in n8n Workflow Automation Platform
Description
n8n is an open source workflow automation platform. In versions 0.121.2 and below, an authenticated attacker may be able to execute malicious code using the n8n service. This could result in full compromise and can impact both self-hosted and n8n Cloud instances. This issue is fixed in version 1.121.3. Administrators can reduce exposure by disabling the Git node and limiting access for untrusted users, but upgrading to the latest version is recommended.
Affected Vendors & Products
| Vendor | Product | Version |
|---|---|---|
| n8n | n8n | 1.121.3 |
| n8n | n8n | 0.123.0 |
| n8n | n8n | 0.121.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Meta Information
CVE Publication Date: 2026-01-08
CVE Last Modified Date: 2026-01-08
Report Generation Date: 2026-01-09
AI Powered Q&A Generation: 2026-01-08
EPSS Last Evaluated Date: N/A