n8n, an open-source workflow automation platform, has disclosed a critical security vulnerability (CVE-2026-21877) that could allow authenticated remote code execution, risking full system compromise. Users are urged to update to version 1.121.3 or higher to mitigate this threat and limit exposure. #n8n #CVE21877
Keypoints
- The vulnerability impacts self-hosted and cloud versions of n8n from versions 0.123.0 to 1.121.3.
- A successful exploit may allow an authenticated user to execute untrusted code on the server.
- The flaw was discovered and reported by security researcher ThΓ©o Lelasseux.
- The security issue has been patched in the latest version 1.121.3 released in November 2025.
- Admins should disable the Git node and restrict access for untrusted users if immediate patching isnβt possible.
Read More: https://thehackernews.com/2026/01/n8n-warns-of-cvss-100-rce-vulnerability.html