Description
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This issue only affects instances where the Python Task Runner is enabled. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.
Published: 2026-05-04
Score: 7.1 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an authenticated user with workflow edit rights to escape the Python task runner sandbox and execute arbitrary code on the container running the task runner. This results in remote code execution within the task runner environment, potentially compromising the host if privileges are high. The weakness is a code injection flaw (CWE‑94).

Affected Systems

The affected product is n8n by n8n‑io. All installations running n8n versions older than 1.123.32, 2.17.4, or 2.18.1 that have the Python Task Runner enabled are susceptible. Only the workflow automation platform itself is impacted; downstream applications may be affected if they interact with the compromised task runner.

Risk and Exploitability

CVSS base score of 7.1 indicates a high severity. EPSS is not available, but the vulnerability is not listed in CISA KEV, suggesting it may not yet be widely exploited. An attacker must be an authenticated user with permission to create or modify workflows, which is a relatively high-privilege condition. If such a user exists, they can trigger the sandbox escape and run malicious code on the task runner container.

Generated by OpenCVE AI on May 4, 2026 at 20:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest patch by upgrading n8n to version 1.123.32 or newer, 2.17.4 or newer, or 2.18.1 or newer;
  • If upgrading is not possible, disable the Python Task Runner component to eliminate the attack surface, and revert any existing Python Code Node workflows to safe alternatives;
  • Revise user permissions so that only trusted personnel can create or modify workflows; monitor workflow changes for suspicious activity.

Generated by OpenCVE AI on May 4, 2026 at 20:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 04 May 2026 19:00:00 +0000

Type Values Removed Values Added
Description n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This issue only affects instances where the Python Task Runner is enabled. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.
Title n8n: Python Task Runner Sandbox Escape
Weaknesses CWE-94
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-05T03:56:37.641Z

Reserved: 2026-04-25T05:37:12.117Z

Link: CVE-2026-42234

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-04T19:16:06.017

Modified: 2026-05-04T19:16:06.017

Link: CVE-2026-42234

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-04T20:30:08Z

Weaknesses