- January 8, 2026
Critical Vulnerability in n8n (CVE-2026-21858)
Executive Summary
On January 6th, 2026, CVE-2026-21858 was published by n8n, followed shortly by articles by Dor Attias and Cyera documenting critical flaws in n8n's request parsing. The vulnerability allows an unauthenticated attacker to exfiltrate sensitive data, which can lead to full compromise of the n8n system. If a vulnerable n8n system is directly connected to the internet, this could provide threat actors with initial access to an organization's internal network.
At the time of writing, multiple proof-of-concept samples (PoCs) had already been published, meaning widespread exploitation is already underway. N8n had released an update to their software in November, and Beazley Security Labs highly recommends that users adopt and deploy it immediately.
Affected Systems or Products
| Product | Affected Versions | Fixed Versions |
|---|---|---|
| n8n | >= 1.65.0 | 1.121.0 |
Mitigations / Workarounds
N8n has not provided any mitigation recommendations aside from applying available software updates. If possible, n8n systems should be deployed internally with no inbound connectivity allowed to them from the internet.
Patches
N8n released version 1.121.0 on November 18, 2025, which addresses this vulnerability. Given the proliferation of PoCs and news reporting of this vulnerability, it is strongly advised that any deployments of n8n be updated immediately.
Technical Details
The vulnerability is due to a bug in the way n8n parses user input from workflows, specifically how the parseRequestBody() function handles Content-Type values. Some of the input control parameters can be changed and maliciously modified by a threat actor, and researchers at Cyera found that the Content-Type header, in conjunction with the req.body.files object, can be used to confuse n8n into reading an arbitrary file on the underlying operating system and reporting its contents back to the attacker.
Cyera also demonstrated that this arbitrary file read can be leveraged to exfiltrate:
- the n8n database (a plain text sqlite file), and
- the local n8n encryption key (often stored in the same way for containerized deployments)
These two files provide enough data to create valid authentication tokens, enabling an attacker to access n8n administrator accounts. N8n administrators can then create workflows to execute commands on the host system.
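To illustrate the class of parsing confusion described in this section, the following added sketch (not n8n's code and not its actual fix) shows a handler-side check that refuses to use `req.body.files` unless the request was `multipart/form-data`. The function names and sample requests are hypothetical, and it assumes that a `files` member is only trustworthy when the server's multipart parser produced it.

```javascript
// Added illustration: NOT n8n source code and not n8n's actual fix.
// Assumption: req.body.files is only trustworthy when the request was
// multipart/form-data, i.e. the server's multipart parser built it.

// Bare media type from a Content-Type header: lowercased, with
// parameters such as "; boundary=..." or "; charset=..." removed.
function mediaType(header) {
  const value = Array.isArray(header) ? header[0] : header;
  if (typeof value !== 'string') return '';
  return value.split(';')[0].trim().toLowerCase();
}

// True when the parsed body carries a "files" member of its own.
function bodyHasFiles(body) {
  return body !== null && typeof body === 'object' &&
    Object.prototype.hasOwnProperty.call(body, 'files');
}

// Decide whether a handler may use req.body.files for this request.
function checkUploadRequest(req) {
  const type = mediaType(req.headers && req.headers['content-type']);
  if (!bodyHasFiles(req.body)) return { allowed: true, reason: 'no files member' };
  if (type === 'multipart/form-data') return { allowed: true, reason: 'multipart request' };
  return { allowed: false, reason: `files member with content-type "${type || 'none'}"` };
}

// Express-style middleware wrapper (hypothetical name): reject with 415.
function rejectUntrustedFiles(req, res, next) {
  if (checkUploadRequest(req).allowed) return next();
  res.statusCode = 415;
  res.end('Unsupported Media Type');
}

// Constructed sample requests (not captured traffic).
const samples = [
  { headers: { 'content-type': 'multipart/form-data; boundary=x' }, body: { data: {}, files: {} } },
  { headers: { 'content-type': 'application/json' }, body: { files: {} } },
  { headers: { 'content-type': 'Application/JSON; charset=utf-8' }, body: { name: 'a' } },
  { headers: {}, body: { files: {} } },
];
for (const s of samples) console.log(checkUploadRequest(s));
```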
How Beazley Security is responding
Beazley Security is monitoring client perimeter devices through our Exposure Management Platform to identify impacted devices and support organizations in remediation of any issues found.
If you believe your organization may have been impacted by this attack campaign and need support, please contact our Incident Response team.