The National Computer Emergency Response Team (National CERT) has issued a critical advisory warning organizations about a severe remote code execution vulnerability in the open-source workflow automation platform n8n.
Tracked as CVE-2026-21858, the flaw carries a maximum CVSS score of 10.0 and allows unauthenticated attackers to execute arbitrary commands, gaining full control of affected systems remotely.
The vulnerability stems from improper input validation and inadequate authorization checks in exposed components of the n8n platform. Exploitation does not require authentication or user interaction, making the attack extremely easy to execute. National CERT emphasized that organizations running vulnerable n8n instances face an immediate and severe risk of complete system compromise.
Successful exploitation could enable attackers to execute remote code, take over servers, manipulate or delete workflows, steal stored credentials, including API keys and tokens, and exfiltrate sensitive business data. Compromised workflows could also be used for lateral movement to connected systems, creating broader supply chain risks for partners and downstream services.
National CERT noted that this advisory follows a series of critical n8n vulnerabilities reported over the past two weeks, including CVE-2025-60613, CVE-2025-68613, and CVE-2026-21877, highlighting sustained attacker interest in the platform. Versions prior to 1.121.0 are confirmed vulnerable, while some configurations up to version 1.121.3 may remain at risk if not properly secured.
Organizations are urged to treat the issue as an emergency patching event by immediately upgrading to n8n version 1.121.0 or later, with 1.121.3 recommended where applicable. Additional measures include rotating all credentials and secrets, reviewing audit logs for unauthorized activity, restricting network access to exposed instances, and implementing continuous monitoring and hardening practices to reduce the risk of exploitation.
Stay Connected with ProPakistani
Get the latest tech news, telecom insights, and product launches wherever you prefer.
Add ProPakistani to Preferred Sources and see more of our stories in Google Search and Top Stories.
Hi