vulnerability

n8n:CVE-2026-21877: Arbitrary File Write in Git Node allows Remote Code Execution

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Jan 8, 2026

Added

Jan 9, 2026

Modified

Jan 9, 2026

Description

An arbitrary file write vulnerability exists in n8n versions from 0.123.0 up to, but not including, 1.121.3. An authenticated attacker with access to workflow creation can exploit the Git node to write malicious files to the underlying server filesystem. This can be chained to execute arbitrary code (RCE) on the host system with the privileges of the n8n process.

Solution

n8n-upgrade-1_121_3

References

CWE-434
CVE-2026-21877
https://attackerkb.com/topics/CVE-2026-21877
https://nvd.nist.gov/vuln/detail/CVE-2026-21877

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report