Critical Ni8mare flaw in n8n allows unauthenticated remote takeover
Take action: If you are using n8n, this is urgent. If possible, isolate all n8n instances from the internet so they are reachable from trusted networks only. Then update to version 1.121.0 ASAP. If you can't patch, block access to webhooks and file uploads from untrusted networks and the internet.
Learn More
n8n reports a maximum-severity security flaw which allows unauthenticated attackers to gain full control over self-hosted instances.
The flaw, tracked as CVE-2026-21858 (CVSS score 10.0) and dubbed Ni8mare, exploits a logic error in how the platform handles webhooks and file uploads. The technical root of the problem is a Content-Type confusion flaw in n8n's formWebhook function, which Form nodes use to receive data. The function fails to validate that the Content-Type header of a POST request is set to multipart/form-data before processing file uploads.
When legitimate file uploads occur with multipart/form-data content type, n8n's parseFormData function uses the Formidable library to securely handle files by storing them in randomly generated temporary directories. However, when an attacker submits a request with a different content type such as application/json, n8n's parseBody function is invoked instead, which extracts all sections from the request body and populates corresponding req.body variables with user-controlled content. This allows attackers to override the req.body.files variable with malicious file paths, enabling the copyBinaryFile function to copy arbitrary files from the system instead of uploaded files. Common attack scenarios include workflows built for customer support portals accepting screenshots, HR systems processing CVs, or organizational knowledge bases where employees upload documents for LLM-powered chatbots.
The exploitation occurs in two stages:
- Attackers achieve arbitrary file read by intercepting file upload requests through Form nodes, changing the Content-Type header to application/json, and crafting the request body to specify known system file paths including n8n configuration files containing sensitive credentials. In knowledge base implementations using RAG technology, attackers can extract file contents by querying the chat interface about uploaded files.
- Attackers escalate privileges through session cookie forgery. n8n generates session cookies by combining a user's ID with a SHA256 hash of their email and password, signed with an instance-specific secret key. All information needed to forge session cookies exists in local files: user records are stored in /home/node/.n8n/database.sqlite and the encryption secret key resides in /home/node/.n8n/config. Attackers leverage the arbitrary file read vulnerability to extract both the database and configuration file, reconstruct administrator session cookies, bypass authentication, and gain admin privileges.
Because n8n serves as a central hub for automation, a successful breach exposes a goldmine of sensitive data, including API keys, database credentials, and cloud storage tokens.
Researchers from Cyera Research Labs discovered the flaw and claim that it impacts approximately 100,000 servers globally.
The flaw affects all versions below 1.121.0.
Organizations should update to n8n version 1.121.0 or later ASAP. Security teams should also check that n8n instances are isolated from the public internet and protected by a VPN. If an immediate update is not possible, administrators should restrict or disable all publicly accessible form and webhook endpoints to block the primary attack vector.