n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE).

The vulnerability, which has been assigned the CVE identifier CVE-2026-21877, is rated 10.0 on the CVSS scoring system.

“Under certain circumstances, an authenticated user might be able to trigger untrusted code to be executed by the n8n service,” n8n said in an advisory released Tuesday. “This might lead to full compromise of the affected instance.”

The maintainers said both self-hosted deployments and n8n Cloud instances are impacted. The issue affects the following versions –

It has been addressed in version 1.121.3, which was released in November 2025. Security researcher Théo Lelasseux (@theolelasseux) has been credited with discovering and reporting the flaw.

Users are advised to upgrade to this version or later to fully address the vulnerability. If immediate patching is not possible, it is important that administrators limit exposure by disabling the Git node and limiting access for untrusted users.
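
One way to triage an inventory of n8n instances against this guidance, as an added example that is not from n8n or the advisory. It assumes the Git node is disabled through n8n's `NODES_EXCLUDE` environment variable (a JSON array of node type names) and that the Git node's type name is `n8n-nodes-base.git`; host names and inventory values are constructed. Because the affected version list is not reproduced above, anything below 1.121.3 is treated as needing the upgrade.

```python
import json
import re

FIXED_VERSION = (1, 121, 3)      # fixed release named in the article
GIT_NODE = "n8n-nodes-base.git"  # assumption: type name of the built-in Git node


def parse_version(text):
    """Return (major, minor, patch) from strings like '1.121.3' or 'n8n@1.120.4'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no semantic version found in {text!r}")
    # Compare as integers: as plain strings, '1.99.0' would sort above '1.121.3'.
    return tuple(int(part) for part in m.groups())


def git_node_excluded(nodes_exclude):
    """True if the NODES_EXCLUDE value (assumed JSON array) lists the Git node."""
    if not nodes_exclude:
        return False
    try:
        excluded = json.loads(nodes_exclude)
    except json.JSONDecodeError:
        return False  # malformed value: treat the workaround as not applied
    return isinstance(excluded, list) and GIT_NODE in excluded


def audit(version_text, nodes_exclude=None):
    """Classify one instance as 'patched', 'mitigated' or 'unpatched'."""
    if parse_version(version_text) >= FIXED_VERSION:
        return "patched"
    if git_node_excluded(nodes_exclude):
        return "mitigated"  # interim workaround only; the upgrade is still required
    return "unpatched"


if __name__ == "__main__":
    # Constructed inventory: (host, reported version, NODES_EXCLUDE value)
    inventory = [
        ("automation-01", "1.121.3", None),
        ("automation-02", "1.120.4", '["n8n-nodes-base.git"]'),
        ("automation-03", "1.99.0", '["n8n-nodes-base.executeCommand"]'),
    ]
    for host, version, exclude in inventory:
        print(f"{host}: {audit(version, exclude)}")
```

Instances reported as `mitigated` still need access restricted for untrusted users, as the advisory guidance above states.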

The disclosure comes as n8n has addressed a steady stream of critical flaws in the platform (CVE-2025-68613 and CVE-2025-68668, CVSS scores: 9.9) that could result in code execution under specific circumstances.
