CVE-2026-42234 in n8ninformação

Sumário

de MITRE • 04/05/2026

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This issue only affects instances where the Python Task Runner is enabled. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

GitHub M

Reservar

25/04/2026

Divulgação

04/05/2026

Moderação

aceite

Entrada

VDB-361001

CPE

pronto

CWE

CWE-94 (confirmado)

CVSS

6.3 (VulDB)

EPSS

0.00083

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-42234
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-42234
CVE Details	https://www.cvedetails.com/cve/CVE-2026-42234/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!