Description
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Published: 2026-01-07
Score: 10 Critical
EPSS: 6.9% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in n8n’s handling of webhook request data allows an attacker who does not possess authentication credentials to retrieve arbitrary files from the server. The vulnerability is an input validation issue (CWE‑20) that enables an unauthenticated remote attacker to read sensitive information from the underlying filesystem. If the attacker can read configuration files or other assets, further compromise may be possible depending on the deployment context and the workflows in use.

Affected Systems

The open source workflow automation platform n8n is affected. Vulnerable versions include all releases from 1.65.0 through the 1.120.x series; the issue is fixed in version 1.121.0 and later.

Risk and Exploitability

The CVSS score of 10.0 reflects a critical severity, and the EPSS score of 7% suggests a moderate but realistic likelihood that the flaw will be exploited in the near future. The vulnerability is not currently listed in the CISA KEV catalog. Exploitation requires sending a specially crafted webhook‑style request to an exposed n8n instance, which is feasible over the network and does not require any pre‑existing user privileges. Once triggered, the attacker can access any file that the n8n process can read.

Generated by OpenCVE AI on May 18, 2026 at 14:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the n8n installation to version 1.121.0 or later, which contains the patch for this file‑access flaw.
  • Restrict incoming webhook traffic to authenticated or authorized endpoints to eliminate potential attack surfaces from external actors.
  • Apply network segmentation or firewall rules to limit external access to the n8n server and monitor for unusual webhook requests that may indicate exploitation attempts.

Advisories
Source: GitHub GHSA
ID: GHSA-v4pr-fm98-w9pg
Title: n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling

History

Fri, 16 Jan 2026 19:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*

Mon, 12 Jan 2026 19:00:00 +0000


Thu, 08 Jan 2026 20:15:00 +0000

Type Values Removed Values Added
Description
Values Removed: n8n is an open source workflow automation platform. Versions below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Values Added: n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.

Thu, 08 Jan 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 08 Jan 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared N8n
N8n n8n
Vendors & Products N8n
N8n n8n

Thu, 08 Jan 2026 00:00:00 +0000

Type Values Removed Values Added
Description n8n is an open source workflow automation platform. Versions below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Title n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-12T18:37:27.893Z

Reserved: 2026-01-05T16:44:16.367Z

Link: CVE-2026-21858

Vulnrichment

Updated: 2026-01-08T19:09:32.957Z

NVD

Status: Analyzed

Published: 2026-01-08T00:15:59.990

Modified: 2026-01-16T19:31:34.467

Link: CVE-2026-21858

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-18T14:45:16Z
