#531: Critical 10/10 n8n Vulnerability EXPLOITED

Security researchers Dor Attias and Ofek Itach demonstrate a critical CVSS 10.0 n8n vulnerability (CVE-2026-21858). Watch the full RCE exploit demo using type confusion to bypass authentication and read sensitive local files.

// Dor Attias SOCIAL //
LinkedIn: / dor-attias-740758155

// Ofek Itach SOCIAL //
LinkedIn: / ofek-it

// N8N Hack Blog //
https://www.cyera.com/research-labs/n...

// Cyera Blog //
https://www.cyera.com/blog

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

// MENU //
0:00 - Coming up
0:56 - n8n vulnerability explained
02:33 - n8n hacking demo // How the vulnerability works
09:13 - How bad is it?
11:51 - Vulnerability summary
13:28 - More explained on Cyera blog // Webhooks
16:59 - Webhooks explained
18:09 - Formidable
19:18 - Formidable explained
20:01 - Handling uploaded files in n8n
22:32 - The form webhook node
24:28 - How to exploit
25:54 - Exploit summary
26:46 - How to mitigate
27:37 - How to become a security researcher
32:36 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.