
Open source workflow automation platform n8n has warned of a maximum severity security flaw that, if successfully exploited, could lead to authenticated remote code execution (RCE).
The vulnerability is tracked as CVE-2026-21877 and carries a CVSS score of 10.0.
“Under certain conditions, it may be possible for an authenticated user to execute untrusted code by the n8n service,” n8n said in an advisory published Tuesday. “This could result in a complete compromise of the affected instance.”

Administrators said both self-hosted deployments and n8n Cloud instances are affected. This issue affects the following versions:
This issue was addressed in version 1.121.3 released in November 2025. Security researcher Théo Lelasseux (@theolelasseux) is credited with discovering and reporting the flaw.
We recommend upgrading to version 1.121.3 or later to fully resolve the vulnerability. If immediate patching is not possible, administrators should limit the risk of exploitation by disabling Git nodes and restricting access for untrusted users.
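The guidance above can be turned into a quick inventory check. The following is an added example, not code from n8n or its advisory: it assumes the built-in Git node has the type name `n8n-nodes-base.git` and that nodes are blocked through n8n's `NODES_EXCLUDE` environment variable (a JSON array of node types). The hosts and version strings are constructed samples.

```javascript
// Added example: classify an n8n instance against the article's guidance.
const FIXED = [1, 121, 3];             // fixed release named in the article
const GIT_NODE = "n8n-nodes-base.git"; // assumed type name of the built-in Git node

// True when `version` is the fixed release or later.
function isPatched(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?(\+.*)?$/.exec(String(version).trim());
  if (!m) throw new Error(`unrecognised version string: ${version}`);
  const nums = [m[1], m[2], m[3]].map(Number);
  for (let i = 0; i < 3; i++) {
    if (nums[i] !== FIXED[i]) return nums[i] > FIXED[i];
  }
  return m[4] === undefined; // a pre-release of 1.121.3 sorts before 1.121.3
}

// True when the NODES_EXCLUDE value (a JSON array of node types) lists the Git node.
function gitNodeExcluded(nodesExclude) {
  if (!nodesExclude) return false;
  try {
    const list = JSON.parse(nodesExclude);
    return Array.isArray(list) && list.includes(GIT_NODE);
  } catch {
    return false; // malformed value: do not count it as a mitigation
  }
}

function audit(version, nodesExclude) {
  if (isPatched(version)) return "patched";
  // Interim state only: the article says upgrading is what fully resolves the flaw.
  return gitNodeExcluded(nodesExclude) ? "unpatched-git-disabled" : "unpatched-git-enabled";
}

// Constructed sample inventory (not real hosts).
const instances = [
  { host: "n8n-a.example", version: "1.121.3", nodesExclude: "" },
  { host: "n8n-b.example", version: "1.120.4", nodesExclude: '["n8n-nodes-base.git"]' },
  { host: "n8n-c.example", version: "1.119.0", nodesExclude: '["n8n-nodes-base.executeCommand"]' },
  { host: "n8n-d.example", version: "1.121.3-rc.1", nodesExclude: "n8n-nodes-base.git" },
];
for (const i of instances) {
  console.log(`${i.host}\t${i.version}\t${audit(i.version, i.nodesExclude)}`);
}
```

An instance reported as `unpatched-git-disabled` still needs the upgrade and the access restriction for untrusted users; the exclusion only narrows exposure until the fixed release is installed.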
This disclosure comes as n8n continues to address critical flaws in its platform (CVE-2025-68613 and CVE-2025-68668, CVSS score: 9.9) that could lead to code execution under certain conditions.
