VYPR
Unrated severityOSV Advisory· Published Jan 18, 2026· Updated Jan 23, 2026

Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.

CVE-2026-0863

Description

Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system.

The vulnerability can be exploited via the Code block by an authenticated user with basic permissions and can lead to a full n8n instance takeover on instances operating under "Internal" execution mode.

If the instance is operating under the "External" execution mode (ex. n8n's official Docker image) - arbitrary code execution occurs inside a Sidecar container and not the main node, which significantly reduces the vulnerability impact.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • N8n Io/N8nOSV2 versions
    8n-editor-ui@0.70.0, n8n-core@0.10.0, n8n-core@0.100.0, …+ 1 more
    • (no CPE)range: 8n-editor-ui@0.70.0, n8n-core@0.10.0, n8n-core@0.100.0, …
    • (no CPE)

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.