Home | SANReN CSIRT

08BA 71D7 84FF F6B7 17A0 FBA6 71BA 1673 5DBA 4C70

n8n Vulnerabilities (March 2026)

Heloise Meyer | March 12, 2026, 3:15 p.m.

Further information on the critical n8n vulnerabilities (CVE-2026-27577 and CVE-2026-27493)

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials [Ravie Lakshmanan, The Hacker News]

Zero Click Unauthenticated RCE in n8n: A Contact Form That Executes Shell Commands [Eilon Cohen, Pillar Security]

CVE-2026-27577 Detail [NIST, NIST]

CVE-2026-27493 Detail [NIST, NIST]

Contact Us:

csirt {a} sanren.ac.za

CSIRT:	0x71BA16735DBA4C70
Heloise:	0xD367253D12C5BBBC
Zoya:	0x14D11B78C23A3DEF
Anele:	0x1EC1265990F8D258