CVE-2026-42234 in n8nالمعلومات

الملخص

بحسب MITRE • 04/05/2026

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This issue only affects instances where the Python Task Runner is enabled. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

GitHub M

حجز

25/04/2026

إفشاء

04/05/2026

الاعتدال

تمت الموافقة

إدخال

VDB-361001

CPE

جاهز

CWE

CWE-94 (مؤكد)

CVSS

6.3 (VulDB)

EPSS

0.00083

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-42234
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-42234
CVE Details	https://www.cvedetails.com/cve/CVE-2026-42234/

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!