Ni8mare on Automation Street: When Workflows Turn Into an Attack Path

ID: f4448e8d-fb1e-5104-8eef-1d164b38f5eb

STIX ID: report--f4448e8d-fb1e-5104-8eef-1d164b38f5eb

Feed Name: LevelBlue SpiderLabs Blog

Threat Score: 90/100

Date Published: 2026-01-15

Date Updated: 2026-04-28

Author: Nikita Kazymirskyi

Ni8mare (CVE-2026-21858) is a critical unauthenticated vulnerability in self-hosted n8n. It allows attackers to exploit content-type parsing inconsistencies on public webhook/form endpoints to access configuration and cryptographic materials, forge admin sessions, create or modify workflows, and achieve remote code execution and full instance takeover. Defenders are urged to upgrade to patched versions, reduce external exposure, rotate stored credentials, and perform compromise assessments.
