n8n: Angriffe auf Sicherheitslücke in Automatisierungstool beobachtet
Auf eine Schwachstelle im Automatisierungstool n8n laufen aktuell Angriffe. Updates stehen seit Januar bereit.
If you run n8n, have you already hunted for potential exploitation of “Ni8mare” CVE-2026-21858 in your logs? Deep dive the vuln at https://www.cvedatabase.com/cve/CVE-2026-21858
#n8n #Ni8mare #RCE #BlueTeam #ThreatHunting
CVE-CVE-2026-21858 | CRITICAL Severity | CVEDatabase.com
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying serv...
Max severity Ni8mare flaw impacts nearly 60,000 n8n instances
Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare."
Max severity Ni8mare flaw lets hackers hijack n8n servers
A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform.
Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs
Cyera Research Labs has discovered a "worst-case scenario" flaw in n8n, the industry-leading platform for AI and workflow automation. Dubbed "Ni8mare," this vulnerability (CVE-2026-21858) allows an unauthenticated remote attacker to gain full administrative control over an n8n instance.
Ni8mare flaw gives unauthenticated control of n8n instances
A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances.
Marcel SIneM(S)US
CVEDatabase.com
The New Oil
Carlos Mogas da Silva
securityaffairs