n8n Vulnerabilities (March 2026)

Heloise Meyer | March 12, 2026, 3:15 p.m.

Further information on the critical n8n vulnerabilities (CVE-2026-27577 and CVE-2026-27493)

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials [Ravie Lakshmanan, The Hacker News]

Zero Click Unauthenticated RCE in n8n: A Contact Form That Executes Shell Commands [Eilon Cohen, Pillar Security]

CVE-2026-27577 Detail [NIST, NIST]

CVE-2026-27493 Detail [NIST, NIST]