Workflow Automation Security Compared (2026)
TL;DR
Who this is for: security and compliance teams evaluating WA platforms on CVE exposure, SOC 2, data residency, and self-host posture.

Security in workflow automation is not a SOC 2 checkbox. It is CVE disclosure track record, patch discipline for self-host users, infrastructure-consent posture, and incident transparency. n8n[1] shipped four critical RCEs in Q1 2026 (Ni8mare CVSS 10.0 + CVE-2026-21877 + CVE-2026-25049 bypass + CVE-2026-33660 patched 30 Mar 2026); n8n 2.0 “Enterprise-Hardened” shipped in response with Task Runners on by default. Make had a Jun 2025 outage that produced a documented $12K customer revenue loss with refund denied — Make has not publicly addressed it in the 2026-01-20 to 2026-04-20 window, and IsDown aggregation shows 9 incidents with a 10h 47min median duration over the last 90 days (roughly 5× Zapier's 2h 6min median). Codewords has zero independent security audit in any corpus we reviewed. Gumloop[9] is the quiet leader — SOC 2 Type 2 plus GDPR plus HIPAA via Gumstack, reinforced by a $50M Series B led by Benchmark (12 Mar 2026). Updated 20 April 2026.
Security Ranking: All 6 Platforms
Scored on compliance and security. The scale folds four sub-signals together: certifications inventory (SOC 2, GDPR, HIPAA), CVE and incident track record, infrastructure-consent posture, and incident transparency. Higher is better.
| # | Platform | Tier |
|---|---|---|
| 1 | Gumloop | Strong |
| 1 | Zapier | Strong |
| 1 | Make | Strong |
| 4 | Lindy | Adequate |
| 5 | n8n | Weak |
| 6 | Codewords | Weak |
Markers from the source scorecard: n8n 2‡ (triangulated against CVE corpus), Zapier 4‡, Make 4°, Gumloop 4‡ (Perplexity-validated SOC 2 Type 2 + GDPR + HIPAA via Gumstack), Codewords 1° (thin independent corpus), Lindy 3°* (inferred from related, outage evidence available).
Full Compliance Matrix
What “secure” means operationally is different per platform. This table flattens the four sub-signals into columns so procurement teams can diff against their own requirements.
| Platform | SOC 2 | GDPR | HIPAA | 2026 CVEs | Major incident | Infra-consent |
|---|---|---|---|---|---|---|
| n8n | Yes | Yes | — | 4 critical (incl. Mar 30 CVE-2026-33660) | Feb 17–18 outages; n8n 2.0 shipped | Self-host (5/5) |
| Zapier | Yes | Yes | Enterprise BAA | 0 public | Oct 2025 outage; Apr 6 & 16 2026 incidents; 44 in 90d, 2h 6min median | Cloud-only (2/5) |
| Make | Yes | EU residency | Enterprise BAA | 0 public | 9 in 90d, 10h 47min median; Jan 3 2026 5h+ outage; Jun 2025 $12K loss | Cloud-only (3/5) |
| Codewords | No public | ? | ? | 0 public | Zero corpus | Managed (2/5) |
| Gumloop | Yes (Type 2) | Yes | Yes (Gumstack) | 0 public | StatusGator 23+ in 6mo | Managed (3/5) |
| Lindy | ? | ? | ? | 0 public | Jan 26 2026 outage | Managed (3/5) |
“Enterprise BAA” means HIPAA coverage is negotiable under a Business Associate Agreement but not part of the standard plan. “Infra-consent” is explained below. Question marks indicate the public certifications page or trust centre did not confirm the control at time of review.
The n8n Q1 2026 CVE Cluster: Four Critical RCEs, a Bypass, and n8n 2.0 in Response
The dominant security story of the year in workflow automation is n8n's CVE disclosure cadence. Five CVSS 9.4+ vulnerabilities landed in roughly three months, plus a further critical RCE on 30 March 2026. Singapore CSA, Canadian CCCS, Horizon3, Cyera and Qualys all issued independent advisories. An estimated ~100K n8n servers were exposed at Ni8mare disclosure time.
CVSS 10.0: CVE-2026-21858 — “Ni8mare” unauthenticated RCE
Unauthenticated RCE via Content-Type confusion on the webhook surface. Horizon3 researchers published exploitation detail; the “Ni8mare”[3] handle is theirs. Any internet-exposed n8n instance on a vulnerable build could be compromised without credentials. Patched in 1.123.17 / 2.5.2.
CVSS 10.0: CVE-2026-21877 — authenticated RCE via file upload
Authenticated file-upload chain escalates to remote code execution. Any user with workflow-edit credentials could execute arbitrary code on the host. Higher impact for multi-tenant Cloud deployments; still meaningful for self-host teams where builder access is delegated to non-admins.
CVSS 9.4 (bypass): CVE-2026-25049 — bypass of CVE-2025-68613
This is the load-bearing disclosure. CVE-2026-25049[1] is a bypass of prior CVE-2025-68613[2] (CVSS 9.9, December 2025). Same expression-sandbox escape; the December patch was incomplete and the researcher demonstrated a second path in February 2026. Security researcher Çelik concluded: “they could be considered the same vulnerability, as the second one is just a bypass for the initial fix.” This matters for buyers because patch discipline is not just “apply the CVE patch” — you have to watch for bypasses of patches for months after the initial disclosure.
Critical: CVE-2026-33660 — further critical RCE (patched 30 March 2026)
This is the third fresh critical CVE in the cluster, following Ni8mare and CVE-2026-25049. Qualys Threat Protect documented the patch on 30 March 2026. That brings the Q1 2026 cluster to three new critical disclosures over three consecutive months (Jan, Feb, Mar) — the load-bearing pattern for procurement is not any single CVE but the disclosure cadence itself.
CVSS 9.4: CVE-2026-25052 and CVE-2026-25115
CVE-2026-25052 is a TOCTOU (time-of-check-to-time-of-use) flaw in file-access controls that Perplexity deep research links to potential account takeover. CVE-2026-25115 is a Python Code node sandbox escape when Task Runners are enabled. Both land in the 9.4 range. That is four CVSS 9.4+ vulnerabilities in three months on a single product.
n8n's response: n8n 2.0 “Enterprise-Hardened” (Q1 2026)
n8n 2.0 shipped in Q1 2026 as the direct response to the cluster above. The headline change for security is Task Runners on by default — custom JS and Python workflow execution now runs in an isolated process rather than the main n8n runtime, materially reducing the blast radius of future Code-node sandbox escapes (the CVE-2025-68613 / CVE-2026-25049 / CVE-2026-25115 pattern). Alongside: AI Agent node with LangChain tool-agent support, streaming responses and conversation memory. This is the since-then story procurement teams should factor in — it does not erase the Q1 2026 cluster, but it signals architectural response rather than silence.
The counterweight, which enterprise procurement will rightly flag: n8n is load-bearing for 3,000+ enterprise customers including Vodafone, Delivery Hero, and Microsoft, and raised a Series C in October 2025. Active CVE disclosure is often a signal that researchers are looking, not that the platform is uniquely broken. But patches and restart windows are real, and self-hosted operators own the patch calendar.
Infrastructure-Consent: The Hidden Security Dimension
Vibedex scores platforms on infrastructure-consent under Compliance and security. The motivation came from Tier-1 research on the coding side (Bolt auto-provisioned Supabase without opt-in; Lovable showed an explicit “Enable Cloud” panel with region choice; Base44's Feb 3 2026 outage exposed shared-infrastructure coupling). The same pattern applies to workflow automation: a SOC 2 certificate does not tell you whether your tenant is isolated, whether you chose the region, or whether the vendor can back you out of their infrastructure if you decide to leave.
| Pattern | Score | Behaviour | WA example |
|---|---|---|---|
| Self-host | 5/5 | Dedicated-tenant / VPC / operator-run | n8n Community or Enterprise self-host |
| Pattern A — opt-in with region choice | 4/5 | Explicit opt-in, region/tenancy choice, irreversibility warning | Make Enterprise EU residency option |
| Pattern B — auto-provision, no opt-in | 2/5 | Backend is provisioned silently; user learns later | Zapier cloud-only default; Codewords managed |
| Pattern C — shared-infra, undisclosed | 1/5 | All customer workloads share runtime; single-point-of-failure | None of the 6 tested WA platforms confirmed in this bucket |
The scoring rule that matters: a platform that fails the consent ceiling cannot score above 3 on overall Security, no matter how thick its SOC 2 inventory. That is why infrastructure-consent is scored as an antecedent to Compliance and security rather than a peer dimension. n8n self-host is the only 5/5 option in this category set; Make Enterprise is the strongest 4/5 for EU residency; Zapier and Codewords are 2/5 cloud-only defaults.
Platform Deep-Dives
n8n (2‡) — Self-host escape hatch meets patch discipline
The five 9.4+ CVEs above plus the 30 Mar 2026 CVE-2026-33660 sit alongside two large February 2026 outages (Feb 17 at 16h58m, Feb 18 at 10h56m per IsDown[13]) and a Trustpilot 3.2/5 that mostly reflects self-host friction. The same product runs 3,000+ enterprise customers including Vodafone (33 workflows, £2.2M saved). n8n 2.0 “Enterprise-Hardened” (Q1 2026) shipped Task Runners on by default in direct response to the cluster — a real architectural change, not a press release. The takeaway for procurement: self-host is a security feature AND a patch-discipline burden. Confirm you are on n8n 2.0 (1.123.17 / 2.5.2 or later), subscribe to the n8n security feed, and budget for monthly patch windows. Compliance-and-security score sits at 2‡ until the patch bypass pattern stops.
Zapier (4‡) — zero 2026 CVEs, but reliability uneven
Zapier[7] carries no 2026 platform CVE disclosures in the corpus we reviewed. Trust centre is mature; SOC 2 and GDPR are well-documented; HIPAA is available under an Enterprise BAA. The security-adjacent risk is reliability: 623+ outages logged since 2017 per IsDown (multi-year historical stat), 44 incidents in the last 90 days with a 2h 6min median duration, and no SLA on Standard or Pro plans. An October 2025 outage documented refused refunds; recent research confirms no formal post-mortem, SLA change or refund-policy update has been published in the 2026-01-20 to 2026-04-20 window. The most recent public incidents on our radar are Apr 6 2026 custom-actions failure (22:12–22:47 UTC) and Apr 16 2026 Zap Run History Export download-link errors. CVE-2025-50010 is a missing-authorization flaw in the Zapier for WordPress plugin — ecosystem, not platform. Compliance scores 4‡.
Make (4°) — EU residency is the differentiator, outages are the shadow
Make[8] is the strongest EU-residency story in the tested set (a private AWS + on-prem Agent option is available for Enterprise). 99.9% Enterprise SLA; SOC 2 and GDPR baseline. The shadow side is operational. The freshest evidence: a Jan 3 2026 5h+ outage covered on DEV.to, an 11 Mar 2026 delayed-execution incident on the us1 zone, and multiple smaller incidents through 12–17 April 2026. IsDown aggregation over the last 90 days shows 9 incidents with a 10h 47min median duration — roughly 5× Zapier's 2h 6min median. A Jun 2025 outage previously produced a documented $12K customer revenue loss with refund denied; Make has not publicly addressed that incident in the 2026-01-20 to 2026-04-20 window, and the 10h 47min median suggests reliability issues persist. Make's current credit structure bills retries as separate credits, which is the Type-A pricing flag that drags the cost-at-scale score. For buyers where “where does my data live” binds the decision, Make wins. For buyers who need a tight SLA on the mid-tier, it is a harder sell than Zapier.
Codewords (1°) — zero independent audit surfaced
Codewords[11] scores 1° on compliance because no independent security audit or SOC 2 report is published. That is a real procurement blocker for regulated sales — not a judgement on the product (we liked it in hands-on testing), just an honest reading of what's published. Codewords is an early-stage startup; attestations typically follow enterprise traction. If you are buying for a regulated workload today, Gumloop or Zapier clear the procurement gate; revisit Codewords when its trust centre catches up.
Gumloop (4‡) — quiet leader on compliance via Gumstack
Gumloop[9] is the strongest compliance story in the tested set: SOC 2 Type 2, GDPR, and HIPAA via the Gumstack product. Trust centre is published at trust.gumloop.com[10]. Real enterprise traction (Shopify, Instacart, Ramp, Gusto, Samsara, Opendoor, Webflow case studies published). We validated the Gumstack HIPAA claim in April 2026; it checks out. The caveats we hold on other dimensions (credit-burn complaints, ~100 integrations vs Zapier's 8,000, StatusGator logging 23+ status-page incidents in six months) do not change the compliance picture. For regulated workloads, Gumloop via Gumstack is the default tested pick.
Lindy (3°*) — Temporal backbone helps, public compliance thin
Lindy[12] sits at 3°* on compliance — inferred from related evidence rather than a full public certifications inventory. The positive durability signal is adoption of Temporal Cloud as the workflow backbone (Temporal case study published), plus Q1 2026 product investment: Lindy 3.0, Lindy Build, Gaia (autonomous phone agent), and a Pipedream partnership adding 500+ actions across 200+ apps. The negative signals are a Jan 26 2026 platform-wide outage documented on Lindy's own forum and a March 2026 Recall-partner cascading failure. For regulated use cases, public SOC 2 / HIPAA confirmation is required before adoption; we did not find that in the corpus.
Decision Framework
If you need self-host for compliance or data-boundary reasons: n8n self-host — with strict patch discipline. Confirm n8n 2.0 (1.123.17 / 2.5.2 or later) with Task Runners enabled, subscribe to the security feed, and monitor for bypass CVEs for months after each patch. The Q1 2026 cluster (Ni8mare + CVE-2026-21877 + CVE-2026-25049 + CVE-2026-33660 patched 30 Mar) is the benchmark for how aggressive this discipline needs to be.
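A version gate and bypass watch list for the patch discipline this branch and the n8n deep-dive above call for. This is an added example, not n8n project code; it assumes the builds 1.123.17 and 2.5.2 quoted in this article are the minimum acceptable builds on their release lines, semver-style version strings, and constructed advisory dates (day set to 1 where the article gives only a month).

```python
"""Version gate and patch-bypass watch list for a self-hosted n8n fleet.

Added example, not n8n project code. Assumptions: 1.123.17 and 2.5.2 (the
patched builds named in the article) are the floors for the 1.x and 2.x
lines; version strings follow semver ("1.123.17", "v2.5.2", "2.6.0-rc.1");
dates are constructed from the article, day 1 where only a month is given.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import date, timedelta

# Minimum patched build per major release line. The trailing 1 marks a
# final release; pre-releases carry 0 so "1.123.17-rc.1" sorts below 1.123.17.
PATCHED_MIN = {1: (1, 123, 17, 1), 2: (2, 5, 2, 1)}

_VER_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$")


def parse_version(text: str) -> tuple[int, int, int, int]:
    """Parse an n8n version string into a comparable tuple; reject garbage."""
    m = _VER_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised n8n version string: {text!r}")
    major, minor, patch, pre = m.groups()
    return int(major), int(minor), int(patch), 0 if pre else 1


def is_patched(version: str) -> bool:
    """True if the build is at or past the patched build for its release line.

    Majors outside the table are handled conservatively: lines older than 1.x
    are unpatched; lines newer than 2.x are assumed to carry the fixes
    (assumption, not stated in the article).
    """
    v = parse_version(version)
    floor = PATCHED_MIN.get(v[0])
    if floor is None:
        return v[0] > max(PATCHED_MIN)
    return v >= floor


@dataclass(frozen=True)
class Advisory:
    cve: str
    disclosed: date
    bypass_of: str | None = None  # CVE whose fix this advisory defeats


# Constructed from the article: the December 2025 fix was bypassed in February 2026.
CLUSTER = (
    Advisory("CVE-2025-68613", date(2025, 12, 1)),
    Advisory("CVE-2026-21858", date(2026, 1, 8)),
    Advisory("CVE-2026-25049", date(2026, 2, 1), bypass_of="CVE-2025-68613"),
    Advisory("CVE-2026-33660", date(2026, 3, 30)),
)


def bypassed_fixes(advisories) -> dict[str, str]:
    """Map each CVE whose fix was later bypassed to the bypassing CVE."""
    return {a.bypass_of: a.cve for a in advisories if a.bypass_of}


def watch_list(advisories, as_of: date, watch_days: int = 90) -> list[str]:
    """CVEs still inside the post-patch watch window on `as_of`.

    A bypass restarts the clock on the original: CVE-2025-68613 is measured
    from CVE-2026-25049's date once that bypass has been disclosed.
    """
    restart: dict[str, date] = {}
    for a in advisories:
        if a.bypass_of and a.disclosed <= as_of:
            restart[a.bypass_of] = max(restart.get(a.bypass_of, a.disclosed), a.disclosed)
    out = []
    for a in advisories:
        effective = max(a.disclosed, restart.get(a.cve, a.disclosed))
        if effective <= as_of <= effective + timedelta(days=watch_days):
            out.append(a.cve)
    return out
```

Feed `is_patched` the version reported by each instance and review `watch_list` at every patch window; a CVE that drops off the list is only retired if no bypass has been filed against it.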
If you need HIPAA coverage: Gumloop via Gumstack. It is the only platform in our tested set with first-class HIPAA on the standard product surface. Make and Zapier offer BAAs inside Enterprise engagements but HIPAA is not part of their default plans.
If EU data residency matters: Make Enterprise. Private AWS plus on-prem Agent option is unique in the tested set; SOC 2 baseline is there; the operational caveat is the 2025 outage history, not the residency story.
If you cannot accept unknown audit status: avoid Codewords until an independent audit surfaces. This is not a product-quality judgement — the hands-on UX is strong for the Non-Technical Founder persona — it is a procurement-risk judgement.
If you are in a regulated industry without clear SLA needs: Gumloop or Zapier Enterprise. Both have mature trust centres, both disclose sub-processors, both support BAAs inside Enterprise engagements. Compare on integration breadth (Zapier vs n8n) and HIPAA coverage — those are the binding constraints for most regulated buyers.
If you are buying at the AI Product Builder layer: see our AI Product Builder ranking — n8n wins the persona but the Cloud-only AI Workflow Builder forces a trade with self-host security posture, which is the single biggest decision in this article.
Closing Note
Security in workflow automation in 2026 is bimodal. The platforms with the best feature surface (n8n) carry the worst CVE track record — four criticals in Q1 2026 including the 30 Mar CVE-2026-33660, with n8n 2.0 “Enterprise-Hardened” shipped in response. The platform with the strongest compliance story (Gumloop) has the thinnest integration catalogue. The platform with the best EU residency (Make) had a $12K customer-loss outage and now runs a 10h 47min incident median over 90 days, roughly 5× Zapier. And the platform ranked #1 for Non-Technical Founders on structural UX (Codewords) has no independent audit in any corpus we could find — zero new dated events in Q1 2026 either.
The procurement question is not “which platform is secure.” It is: which security trade are you willing to own? Self-host + patch discipline (n8n), cloud + mature trust centre + uneven reliability (Zapier / Make), managed + strongest compliance + narrowest integration catalogue (Gumloop), or managed + unknown audit status (Codewords). Pick the trade that matches the risk your team can carry.
Sources & References
All external sources were verified as of April 2026. Ratings and metrics reflect the most recent data available at time of review.
- NVD - CVE-2026-25049 (n8n expression-sandbox bypass) (nvd.nist.gov)
- NVD - CVE-2025-68613 (original n8n sandbox escape) (nvd.nist.gov)
- Horizon3 - Ni8mare RCE Research (horizon3.ai)
- Canadian CCCS - n8n Advisory (cyber.gc.ca)
- Singapore CSA - Alerts & Advisories (csa.gov.sg)
- n8n - Security (n8n.io)
- Zapier - Trust & Security (zapier.com)
- Make - Trust & Security (make.com)
- Gumloop - Gumstack (HIPAA / SOC 2 Type 2) (gumloop.com)
- Gumloop - Trust Center (trust.gumloop.com)
- Codewords - Official Site (codewords.ai)
- Lindy - Security (lindy.ai)
- IsDown - n8n Outage History (isdown.app)
- IsDown - Make Outage History (10h 47min median) (isdown.app)
- Qualys - CVE-2026-33660 n8n critical RCE patch (Mar 30 2026) (threatprotect.qualys.com)
- The Hacker News - Ni8mare CVSS 10.0 n8n RCE (Jan 2026) (thehackernews.com)
- Medium - n8n 2.0 Enterprise-Hardened (Task Runners default) (medium.com)
- TechCrunch - Gumloop $50M Series B (Mar 12 2026) (techcrunch.com)
- RogueOps - Zapier reliability / no-SLA posture (gorogueops.com)
- Lindy Blog - Lindy 3.0 Assistant launch (lindy.ai)
- Lindy Changelog - Lindy Build (lindy.ai)
- Lindy Announcements - Pipedream partnership (lindy.ai)
- G2 - n8n Reviews (g2.com)
Methodology: Rankings and scores in this article are based on VibeDex's independent benchmarks. Models are evaluated by AI-powered judges across multiple quality dimensions, with scores weighted by prompt intent.
FAQ
Which workflow automation platform is most secure in 2026?
We compared six workflow automation platforms on their published security posture. Gumloop has the strongest compliance surface: SOC 2 Type 2 plus GDPR plus HIPAA via Gumstack. Zapier and Make also carry SOC 2 with mature trust centres. n8n has the richest feature set but absorbed four critical RCE CVEs in 2026; n8n 2.0 "Enterprise-Hardened" shipped in response with Task Runners on by default. We score n8n 2/5 on Compliance until patch discipline is proven across self-host deployments. Codewords scores 1/5 — no independent security audit is published.
Is n8n safe to self-host given the CVEs?
Yes, but only if you enforce patch discipline. The Q1 2026 CVE cluster (CVE-2026-21858 "Ni8mare" unauthenticated RCE Jan 8, CVE-2026-21877 authenticated RCE, CVE-2026-25049 CVSS 9.4 bypass of CVE-2025-68613, CVE-2026-33660 critical RCE patched Mar 30 per Qualys, plus CVE-2026-25052 TOCTOU and CVE-2026-25115 Python Code node sandbox escape) all require operators to be on n8n 2.0 (1.123.17 or 2.5.2 or later). Singapore CSA, Canadian CCCS, Horizon3, Cyera and Qualys all issued advisories; an estimated ~100K n8n servers were exposed at Ni8mare disclosure time. n8n 2.0 "Enterprise-Hardened" shipped in response, with Task Runners on by default isolating custom JS/Python execution. Self-host is still the only 5/5 infrastructure-consent posture in the workflow automation category.
Which workflow automation platforms are HIPAA-compliant?
Of the six platforms we tested hands-on, Gumloop is the only one that offers HIPAA coverage as a first-class product, routed through its Gumstack offering. Zapier and Make support HIPAA only inside specific Enterprise engagements and explicit BAAs (not in their default plans). n8n, Codewords and Lindy have no first-party HIPAA story in the public corpus we reviewed. For regulated healthcare workloads, Gumloop is the default tested pick.
Has Codewords been audited?
No independent audit surfaced in two successive research passes (community + Perplexity deep research, both 2026-04-18). We found near-zero external corpus on Codewords: ~1 Reddit reference, 0 Hacker News threads, 0 independent YouTube reviews, 0 third-party case studies, and no publicly linked SOC 2 Type 1 or Type 2 report. Every "Codewords vs X" comparison on the web is vendor-authored on both sides. For enterprise procurement, treat Codewords as "audit status unknown" until the company publishes third-party attestations.
What is the safest pick for enterprise workflow automation?
It depends on which constraint binds. If you need HIPAA coverage, Gumloop via Gumstack. If you need EU data residency, Make Enterprise. If you need self-host for compliance or data-boundary reasons, n8n Enterprise with strict patch discipline on 1.123.17 / 2.5.2 or later. If breadth of integrations matters more than regulatory fit, Zapier Enterprise. The platforms we could not hands-on test (Workato, Tray.io, MuleSoft, Boomi) dominate the Enterprise segment per Gartner MQ 2025 and Forrester Wave 2024 but are enterprise-sub-only.