February 2026 has been catastrophic for n8n’s security story. It started with 8 CVEs on February 6. Then 11 more on February 25. Now, Ni8mare (CVE-2026-21858) — a CVSS 10.0 unauthenticated remote code execution vulnerability — makes it 20+ CVEs, 7 critical, and 4 independent RCE vectors in a single month.
This is no longer a patching problem. This is an architecture problem.
Recap: February’s security collapse
February 6 — The first wave (8 CVEs)
n8n’s February 6 bulletin disclosed 8 vulnerabilities, including CVE-2026-25049 (CVSS 9.4) — a bypass of the December 2025 patch for the original expression injection RCE. The bypass proved the expression evaluation engine has a fundamental design flaw, not a one-time bug.
February 25 — Three new RCE vectors (11 CVEs)
Three weeks later, n8n published 11 additional vulnerabilities, including 3 new critical-severity issues across completely independent subsystems:
| CVE | Severity | Attack Surface |
|---|---|---|
| CVE-2026-27497 | Critical (9.4) | SQL query mode — arbitrary code execution |
| CVE-2026-27577 | Critical (9.4) | Expression sandbox escape — system commands |
| CVE-2026-27495 | Critical (9.4) | JavaScript task runner sandbox breakout |
Additional issues included stored XSS, SSO bypass, unauthenticated form evaluation, SQL injection across MySQL/PostgreSQL/MSSQL, and webhook forgery.
Ni8mare: The worst one yet
CVE-2026-21858 — CVSS 10.0 — Unauthenticated Remote Code Execution
Ni8mare exploits Content-Type confusion in n8n’s webhook handling to achieve full server takeover. What makes it qualitatively different from the other three RCE vectors:
- Zero credentials required. The prior RCE vectors (expression, SQL, task runner) all required some level of authenticated access. Ni8mare needs nothing — any exposed webhook endpoint is an attack surface.
- Full server takeover. Not limited to sandbox escape or query injection. Complete remote code execution on the underlying server.
- ~100,000 instances exposed. This is not the 26,512 figure from earlier Censys scans — Ni8mare’s attack surface includes any n8n instance with webhook endpoints, dramatically expanding the exposure.
- 4th independent attack surface. Expression evaluation, SQL query mode, JavaScript task runner, and now webhook Content-Type confusion. Four completely separate subsystems, four completely separate paths to RCE.
Why Content-Type confusion is so dangerous
Webhook endpoints are by definition internet-facing. They’re designed to receive external requests. When the mechanism that parses those requests — the Content-Type handler — can be confused into executing arbitrary code, the entire concept of a “webhook” becomes a remote code execution entry point.
Every n8n workflow that starts with a webhook trigger is a potential Ni8mare target. No authentication. No exploitation chain. Just a single malformed request.
4 independent RCE vectors = broken architecture
Finding one RCE in a product is a serious security incident. Finding two is a pattern. Finding three in one month is alarming.
Finding four independent RCE vectors in a single month — spanning four separate subsystems — is confirmation that the security architecture is fundamentally broken.
| RCE Vector | Subsystem | CVE | Auth Required |
|---|---|---|---|
| Expression sandbox escape | Expression evaluation engine | CVE-2026-27577 | Yes |
| SQL query mode RCE | SQL execution engine | CVE-2026-27497 | Yes |
| JS task runner breakout | JavaScript sandbox | CVE-2026-27495 | Yes |
| Webhook Content-Type confusion | Webhook handling | CVE-2026-21858 | No |
Each of these represents a distinct attack surface. Patching one does not protect against the others. An attacker only needs to find one — and with Ni8mare, they don’t even need credentials.
National agency advisories
The severity of n8n’s February disclosures prompted formal advisories from national cybersecurity agencies:
- Singapore CSA (Cyber Security Agency of Singapore) — Issued advisory for n8n vulnerabilities
- Canadian CCCS (Canadian Centre for Cyber Security) — Issued advisory for n8n vulnerabilities
These are the same agencies that issue advisories for critical infrastructure vulnerabilities. When national governments are warning organizations about your automation platform, the urgency extends beyond routine patching.
Why patching isn’t enough
The pattern across February tells a definitive story:
- February 6: 8 CVEs — including a bypass of the December 2025 patch
- February 25: 11 more CVEs — 3 new critical across separate subsystems
- Ni8mare: CVSS 10.0 — unauthenticated RCE via webhooks, 4th independent vector
Even if you patch to the latest version today:
- The December 2025 patch was bypassed in February. Patch → bypass → patch is not a sustainable security strategy.
- Four separate subsystems had independent RCE vulnerabilities. This suggests systemic issues in how n8n approaches security across its codebase.
- Ni8mare requires zero authentication. Any webhook-enabled workflow was an open door. If your instance was exposed before patching, compromise may have already occurred.
- Minimum safe version is v2.5.2+. If you’re running v2.2.2 or older, you’re still vulnerable to Ni8mare even with patches for the other vulnerabilities.
The migration path
JieGou’s n8n import wizard converts your n8n workflow JSON exports to JieGou workflows automatically — and now includes a security assessment that identifies Ni8mare-vulnerable webhook nodes:
- Export your n8n workflows (Settings → Export All Workflows)
- Upload the JSON to JieGou’s import wizard
- Review the conversion — 50+ node type mappings handled automatically, plus a security assessment highlighting vulnerable nodes (webhook triggers, code nodes, SQL nodes, LangChain agents)
- Deploy with managed hosting, zero patching, and SOC 2-ready compliance infrastructure
The security assessment scans your workflow for nodes mapped to known CVEs:
- Webhook triggers → CVE-2026-21858 (Ni8mare) — critical
- Code / Function nodes → CVE-2026-27577 (expression sandbox escape) — high
- PostgreSQL / MySQL / MSSQL nodes → CVE-2026-27497 (SQL RCE) — high
- LangChain Agent / Chain nodes → CVE-2026-27495 (task runner breakout) — medium
- Form triggers → CVE-2026-27493 (unauthenticated form eval) — medium
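The node-to-CVE mapping above is simple enough to reproduce as a local triage script for your own exports before you decide what to migrate or isolate first. The following is an added example, not JieGou's import wizard and not n8n code: it parses an n8n workflow export (a single workflow object or the list produced by Export All Workflows), flags every node whose type matches one of the CVEs listed in this post with the post's own severity label, and checks an instance version string against the v2.5.2 floor stated above. The node type identifiers (`n8n-nodes-base.webhook`, `n8n-nodes-base.postgres`, `@n8n/n8n-nodes-langchain.agent` and so on) and the `disabled` node property are assumed from n8n's export naming convention; confirm them against your own export before relying on the result. The sample export embedded at the bottom is constructed for the demonstration.

```python
"""Triage an exported n8n workflow JSON against the February 2026 CVE list.

Added example: not JieGou's wizard, not n8n's own code. Node type strings and
the `disabled` property are ASSUMED from n8n's export format.
"""
import json
import re
from typing import Iterable, List, Optional, Tuple

# CVE, description and severity come from the post; node type strings are assumed.
NODE_CVE_MAP = {
    "n8n-nodes-base.webhook":             ("CVE-2026-21858", "Ni8mare webhook Content-Type confusion", "critical"),
    "n8n-nodes-base.code":                ("CVE-2026-27577", "expression sandbox escape", "high"),
    "n8n-nodes-base.function":            ("CVE-2026-27577", "expression sandbox escape", "high"),
    "n8n-nodes-base.functionItem":        ("CVE-2026-27577", "expression sandbox escape", "high"),
    "n8n-nodes-base.postgres":            ("CVE-2026-27497", "SQL query mode RCE", "high"),
    "n8n-nodes-base.mySql":               ("CVE-2026-27497", "SQL query mode RCE", "high"),
    "n8n-nodes-base.microsoftSql":        ("CVE-2026-27497", "SQL query mode RCE", "high"),
    "@n8n/n8n-nodes-langchain.agent":     ("CVE-2026-27495", "task runner breakout", "medium"),
    "@n8n/n8n-nodes-langchain.chainLlm":  ("CVE-2026-27495", "task runner breakout", "medium"),
    "n8n-nodes-base.formTrigger":         ("CVE-2026-27493", "unauthenticated form eval", "medium"),
}
SEVERITY_RANK = {"critical": 3, "high": 2, "medium": 1}
MIN_SAFE_VERSION: Tuple[int, int, int] = (2, 5, 2)  # "v2.5.2+" per the post


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn 'v2.5.2' / '2.5.2' into a comparable tuple; rejects anything else."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(x) for x in m.groups())


def version_below_minimum(version: str) -> bool:
    """True when the instance is older than the post's minimum safe version."""
    return parse_version(version) < MIN_SAFE_VERSION


def iter_workflows(export) -> Iterable[dict]:
    """Accept either one exported workflow object or a list of them."""
    if isinstance(export, list):
        yield from export
    else:
        yield export


def assess(export_json: str) -> List[dict]:
    """Return one finding per node whose type maps to a listed CVE, worst first."""
    findings = []
    for wf in iter_workflows(json.loads(export_json)):
        wf_name = wf.get("name", "<unnamed>")
        for node in wf.get("nodes", []):
            hit = NODE_CVE_MAP.get(node.get("type", ""))
            if hit is None:
                continue
            cve, issue, severity = hit
            findings.append({
                "workflow": wf_name,
                "node": node.get("name", "<unnamed>"),
                "type": node["type"],
                "cve": cve,
                "issue": issue,
                "severity": severity,
                # A disabled node still ships in the export; keep it visible but marked.
                "disabled": bool(node.get("disabled", False)),
            })
    # Stable sort: critical first, then high, then medium, preserving export order within a tier.
    findings.sort(key=lambda f: -SEVERITY_RANK[f["severity"]])
    return findings


def highest_severity(findings: List[dict]) -> Optional[str]:
    return findings[0]["severity"] if findings else None


# Constructed sample export (two workflows) for the demonstration.
SAMPLE_EXPORT = json.dumps([
    {"name": "Lead intake", "nodes": [
        {"name": "Webhook", "type": "n8n-nodes-base.webhook", "parameters": {"path": "leads"}},
        {"name": "Normalise", "type": "n8n-nodes-base.code"},
        {"name": "Store lead", "type": "n8n-nodes-base.postgres"},
        {"name": "Set fields", "type": "n8n-nodes-base.set"},
    ]},
    {"name": "Nightly report", "nodes": [
        {"name": "Schedule", "type": "n8n-nodes-base.scheduleTrigger"},
        {"name": "Summarise", "type": "@n8n/n8n-nodes-langchain.agent", "disabled": True},
        {"name": "Fetch", "type": "n8n-nodes-base.httpRequest"},
    ]},
])

if __name__ == "__main__":
    for f in assess(SAMPLE_EXPORT):
        flag = " (disabled)" if f["disabled"] else ""
        print(f"[{f['severity']:8}] {f['workflow']} / {f['node']}{flag}: {f['cve']} {f['issue']}")
    print("instance 2.2.2 below minimum:", version_below_minimum("2.2.2"))
```

Run it against a real export with `assess(open("workflows.json").read())`; the `critical` tier (webhook triggers) is the set of workflows the post describes as reachable without credentials, so it is the list to act on first, independently of what version the instance reports.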
Updated CVE summary
| Metric | Count |
|---|---|
| Total CVEs in February 2026 | 20+ |
| Critical severity (CVSS 9.4–10.0) | 7 |
| Independent RCE vectors | 4 |
| Unauthenticated RCE (Ni8mare) | 1 (CVSS 10.0) |
| National agency advisories | 2 (Singapore CSA, Canadian CCCS) |
| Exposed instances | ~100,000 |
| Minimum safe version | v2.5.2+ |
Security comparison
| Dimension | JieGou | n8n |
|---|---|---|
| CVEs (Feb 2026) | 0 | 20+ total, 7 critical |
| RCE vectors | N/A | 4 independent |
| Unauthenticated RCE | N/A | CVE-2026-21858 Ni8mare |
| Government advisories | None needed | Singapore CSA, Canadian CCCS |
| Exposed instances | N/A (cloud + VPC) | ~100,000 |
| Test suite | 11,875 tests, 99.18% coverage | Open-source; community testing |
| SOC 2 | Tech complete, 17 policies, audit pending | Not available |
| Encryption at rest | AES-256-GCM (BYOK) | Not included (community) |
| RBAC | 6 roles, 20 permissions | Basic (admin / editor) |
| Audit logging | 30 action types, immutable | Not included (community) |
Start migrating
20+ vulnerabilities. Four independent remote code execution attack surfaces. One that requires zero authentication. National cybersecurity agencies issuing formal advisories.
If you’re running n8n — especially self-hosted — the risk profile has fundamentally changed with Ni8mare.
- Import your n8n workflows — automated import with 50+ node mappings and security assessment
- Read the migration guide — step-by-step technical walkthrough
- Compare JieGou vs. n8n — full feature and security comparison