Critical Zero-Click Flaw in n8n Allows Full Server Compromise
ATT&CK techniques detected
T1190 Exploit Public-Facing Application
61%
"…7 has been assigned a critical severity rating of 9.4 (CVSS v4.0). Read more: Maximum severity “Ni8mare” bug lets hackers hijack n8n servers. Zero-click unauthenticated flaw: CVE-2026-27493 explained. The second flaw was also reported by GitHub on February 25 and is…"
Summary
The critical vulnerability affects both cloud and self-hosted n8n instances and can be exploited without authentication or even an n8n account.