SecurityENDonnerstag, 15. Januar 2026

New Vulnerability in n8n

Schneier on Security

External Source

Summary

This isn’t good: We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers globally. No official workarounds are available for this vulnerability. Users should upgrade to version 1.121.0 or later to remediate the vulnerability. Three technical links and two news links.

External Article

This article is from Schneier on Security and is hosted there. We only link to external sources and do not host any content on our servers.

Read Full Article Back to Overview