Critical vulnerability found in n8n workflow automation platform - Cybersecurity Dive

Critical vulnerability found in n8n workflow automation platform The open-source platform is widely used across enterprise environments, leaving thousands of instances at risk. Published Jan. 12, 2026 David Jones Reporter Share License Add us on Google peshkov via Getty Images Security researchers warn that tens of thousands of systems may be exposed to a critical vulnerability in n8n, a widely used open-source workflow automation platform.  The vulnerability, tracked as CVE-2026-21858, could allow an attacker to bypass automation entirely by using a “content-type confusion” bug in standards modes, according to researchers at Cyera.The vulnerability has a severity score of 10. The tool is considered critical for AI agents and enterprise automation, according to Cyera.  Researchers warned that compromising an n8n environment could allow an attacker to gain widespread access to sensitive credentials, including Salesforce, AWS and OpenAI.  As of Friday, researchers at Shadowserver found more than 105,000 vulnerable instances out of over 230,000. Those estimates have since fallen to about 59,500.  Researchers at Censys reported more than 26,000 exposed hosts. Researchers initially notified n8n about the vulnerability in November and patches were released to the customer base on Nov. 18. Users should upgrade to version 1.121.0. There is no current evidence of exploitation. Add us on Google Share PURCHASE LICENSING RIGHTS Filed Under: Vulnerability