Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...
Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations ...
CVE-2026-21858, a critical n8n vulnerability, can be exploited for unauthenticated remote code execution, leading to instance ...
A compromised n8n instance doesn’t just mean losing one system — it means handing attackers the keys to everything,’ security ...
The Register on MSN
Maximum-severity n8n flaw lets randos run your automation server
Unauthenticated RCE means anyone on the network can seize full control A maximum-severity bug in the popular automation ...
The open-source platform is widely used across enterprise environments, leaving thousands of instances at risk.
What if you could turn your automation workflows into fully functional web applications without writing a single line of code? Imagine creating a sleek, client-ready app that automates repetitive ...
Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." ...
A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...
Cyera researchers detail critical 'Ni8mare' vulnerability allowing full takeover of n8n instances - SiliconANGLE ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback