Description

n8n is an open source workflow automation platform. In versions 0.121.2 and below, an authenticated attacker may be able to execute malicious code using the n8n service. This could result in full compromise and can impact both self-hosted and n8n Cloud instances. This issue is fixed in version 1.121.3. Administrators can reduce exposure by disabling the Git node and limiting access for untrusted users, but upgrading to the latest version is recommended.

INFO

Published Date :

2026-01-08T00:39:58.697Z

Last Modified :

2026-01-08T18:59:10.198Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-21877 vulnerability.

Vendors Products
N8n
  • N8n
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-21877.

URL Resource
https://github.com/n8n-io/n8n/commit/f4b009d00d1f4ba9359b8e8f1c071e3d910a55f6 cve-icon cve-icon
https://github.com/n8n-io/n8n/security/advisories/GHSA-v364-rw7m-3263 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact