Critical vulnerability found in n8n workflow automation platform

The open-source platform is widely used across enterprise environments, leaving thousands of instances at risk.

Thousands of n8n instances under threat from top security issue

Shadowserver data claims on January 11 2026, there were exactly 59,559 internet-connected n8n instances vulnerable to Ni8mare ...
The Hacker News

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations ...
The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...
CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...

A critical n8n flaw has been discovered - here's how to stay safe

The vulnerability was fixed in n8n version 1.111.0, with the addition of a task-runner-based native Python implementation ...
The Silicon Review

n8n Supply Chain Attack Steals OAuth Tokens Via Nodes

A supply chain attack on n8n injected malicious community nodes to steal user OAuth tokens, highlighting critical risks in ...

Max severity Ni8mare flaw impacts nearly 60,000 n8n instances

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." ...

Max severity Ni8mare flaw lets hackers hijack n8n servers

A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally ...

Google Antigravity : Build Smart Flows Without Code Using Google’s IDE

Build no-code flows in Google's Antigravity with trigger.dev, including queue monitoring. Set schedules, debug in real time, ...