Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-1112-nbsn-jygx
Vulnerability ID VCID-1112-nbsn-jygx
Aliases CVE-2026-0863
Summary Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissions and can lead to a full n8n instance takeover on instances operating under "Internal" execution mode. If the instance is operating under the "External" execution mode (ex. n8n's official Docker image) - arbitrary code execution occurs inside a Sidecar container and not the main node, which significantly reduces the vulnerability impact.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
System Score Found at
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
epss 0.00033 https://api.first.org/data/v1/epss?cve=CVE-2026-0863
cvssv3.1 8.5 https://github.com/n8n-io/n8n/commit/b73a4283cb14e0f27ce19692326f362c7bf3da02
ssvc Track* https://github.com/n8n-io/n8n/commit/b73a4283cb14e0f27ce19692326f362c7bf3da02
cvssv3.1 8.5 https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077/
ssvc Track* https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077/
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-0863
b73a4283cb14e0f27ce19692326f362c7bf3da02 https://github.com/n8n-io/n8n/commit/b73a4283cb14e0f27ce19692326f362c7bf3da02
n8n-python-runner-sandbox-escape-jfsa-2026-001651077 https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/n8n-io/n8n/commit/b73a4283cb14e0f27ce19692326f362c7bf3da02
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-20T16:42:52Z/ Found at https://github.com/n8n-io/n8n/commit/b73a4283cb14e0f27ce19692326f362c7bf3da02
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Found at https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-20T16:42:52Z/ Found at https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077/
Exploit Prediction Scoring System (EPSS)
Percentile 0.09678
EPSS Score 0.00033
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-02T21:51:37.048287+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.1.0