Thousands of n8n instances under threat from top security issue

• Nearly 60,000 n8n instances remain exposed to Ni8mare CVE-2026-21858 flaw
• Vulnerability allows unauthenticated remote server takeover; fixed in version 1.121.0
• Shadowserver found most cases in US, Europe, Asia; upgrade is only defense

Experts have warned almost 60,000 n8n internet-connected instances are still vulnerable to Ni8mare, a maximum-severity flaw that was discovered and patched.

n8n is an open source workflow automation platform which lets users connect apps, APIs, and services to automate tasks without heavy coding. It allows users to to build visual workflows that move data between tools, trigger actions, and run custom logic.

The Shadowserver Foundation, a nonprofit cybersecurity organization whichgathers intelligence and tracks malicious activity across the web, noted how the platform was vulnerable to CVE-2026-21858, a security flaw stemming from an improper input validation weakness. It allows unauthenticated attackers to remotely take control over the underlying server, and through it ...