VDB
GCVE-VVD-ACSC-2026-0002
GCVE-VVD-ACSC-2026-0002
Advisory Published
A critical unauthenticated Remote Code Execution (RCE) vulnerability affecting n8n workflow automation platform has been observed. The critical vulnerability, tracked as CVE-2026-21858, allows unauthenticated threat actors to access sensitive files on the underlying server through execution of certain form-based workflows leading to RCE.
This vulnerability is assessed as CVSS 10.0.
Aliases
Transitive aliases
GHSA-v98v-ff95-f3cpGHSA-jf52-3f2h-h9j5VVD-CESS-2026-21894EUVD-2026-8761NCSC-2026-0002VVD-NCSC-2026-2VVD-CESS-2026-21858GHSA-v4pr-fm98-w9pgVVD-ANCHORE-2025-68613VVD-CESS-2025-68613VVD-CESS-2026-27577BDU:2026-00126BDU:2025-16183EUVD-2025-204618CVE-2026-27577VVD-ANCHORE-2026-21894GHSA-vpcf-gvg4-6qwrWID-SEC-W-2026-0040CVE-2025-68613VVD-ANCHORE-2026-27577VVD-ANCHORE-2026-21858CVE-2026-21894
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.