Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858)
ID: aede42ca-1e2f-5b48-938d-65bf268dc87d
STIX ID: report--aede42ca-1e2f-5b48-938d-65bf268dc87d
Feed Name: Cyera Research Labs
A critical Content-Type confusion vulnerability (CVE-2026-21858, CVSS 10.0) in n8n allows an attacker to override req.body.files by sending non-multipart requests, enabling arbitrary file reads, extraction of credentials and configuration, session forgery, and remote code execution on local n8n deployments. The report demonstrates exploitation steps and urges immediate upgrade to n8n 1.121.0 or later, avoiding public exposure, and requiring authentication on forms.
