Platform: docker
Component: docker
Fixed in: 1.123.15, 2.3.6, 2.4.3
CVE-2026-0863 describes a remote code execution (RCE) vulnerability in n8n Docker instances. An authenticated user with only basic permissions can bypass the python-task-executor sandbox and run unrestricted Python code on the underlying operating system. The flaw is most severe for instances configured in 'Internal' task-runner execution mode, where it can lead to a full takeover of the n8n instance. Affected versions are 2.0.0 through 2.4.2; fixed releases are listed in the Fixed in table above.
The impact of CVE-2026-0863 is significant, particularly for n8n deployments using the 'Internal' execution mode. Successful exploitation lets an attacker execute arbitrary Python code with the privileges of the n8n process, which can lead to complete control of the affected server, including data exfiltration, malware installation, and lateral movement within the network. In 'External' mode the code executes in a separate task-runner (sidecar) container, which contains the blast radius but still yields code execution inside that container. Because the bypass defeats the sandbox that is supposed to contain user-supplied Python, this is a high-priority vulnerability to address.
CVE-2026-0863 was publicly disclosed on 2026-01-18. The vulnerability is present in the Docker image, so it potentially reaches a wide range of users. Whether a public proof-of-concept exists is currently unknown, but the low complexity of exploitation described in the vulnerability report (an authenticated account with basic permissions is enough) means exploitation attempts should be expected. The current EPSS score is 0.03% (8th percentile), which predicts little in-the-wild activity so far; that should not be read as a reason to delay patching. Refer to the n8n security advisory for further details and updates.
Exploit Status: not listed
EPSS: 0.03% (8th percentile)
CISA SSVC: not listed
CVSS Vector: not listed
The primary mitigation for CVE-2026-0863 is to upgrade to a fixed release (see the Fixed in versions above). Where an immediate upgrade is not possible, reduce exposure: restrict which users may create or edit workflows that contain Code nodes, since exploitation requires an authenticated user; prefer 'External' task-runner mode so that Python code executes in a separate runner container rather than inside the n8n container; and apply network segmentation so that a compromised n8n host or runner cannot reach sensitive internal services. Manually reviewing the Python allowed in Code nodes helps only against careless misuse, not against a determined user, because the sandbox itself is what is being bypassed. Monitor n8n logs for suspicious activity, particularly Python execution and task-runner errors. After upgrading, confirm the fix on a non-production instance by verifying that a Python Code node attempting to reach the host operating system is still blocked by the sandbox.
Update n8n to a fixed release: 2.4.3 on the 2.4 line, 2.3.6 on the 2.3 line, or 1.123.15 on the 1.123 line, per the Fixed in table above. This corrects the sandbox escape in the Python task runner. The update can be performed by pulling a fixed Docker image tag, through the npm package manager, or by following the upgrade instructions provided by n8n.
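As an added example (not part of this advisory and not n8n's own tooling), the following Python script triages a container inventory against the Fixed in versions and the affected range stated above. It compares versions as integer tuples rather than strings (so 2.4.10 is correctly treated as newer than 2.4.3), refuses to classify floating tags such as latest, and reports the blast radius per container. The inventory is constructed sample data; reading N8N_RUNNERS_MODE from the container environment to distinguish Internal from External mode (defaulting to internal when unset) and the X.Y.Z[-variant] tag layout are assumptions about the deployment.

```python
"""Triage n8n Docker containers against the fixed releases listed for CVE-2026-0863.

Added example, not n8n's own tooling. FIXED_VERSIONS and the affected range come
from the page above; SAMPLE_INVENTORY is constructed data. Using N8N_RUNNERS_MODE
to tell Internal from External mode is an assumption about the deployment.
"""
from __future__ import annotations

from dataclasses import dataclass

FIXED_VERSIONS = ("1.123.15", "2.3.6", "2.4.3")   # "Fixed in" table above
AFFECTED_MIN = (2, 0, 0)                           # inclusive, from the advisory text
AFFECTED_MAX = (2, 4, 2)                           # inclusive

# Constructed sample inventory. In practice populate it from, e.g.,
#   docker inspect --format '{{.Config.Image}} {{.Config.Env}}' <container>
SAMPLE_INVENTORY = [
    {"name": "n8n-prod",   "image": "n8nio/n8n:2.4.2",    "env": {}},
    {"name": "n8n-stage",  "image": "n8nio/n8n:2.4.3",    "env": {"N8N_RUNNERS_MODE": "internal"}},
    {"name": "n8n-dev",    "image": "n8nio/n8n:2.2.0",    "env": {"N8N_RUNNERS_MODE": "external"}},
    {"name": "n8n-lts",    "image": "n8nio/n8n:2.3.6",    "env": {}},
    {"name": "n8n-legacy", "image": "n8nio/n8n:1.123.14", "env": {}},
    {"name": "n8n-float",  "image": "n8nio/n8n:latest",   "env": {}},
]


@dataclass(frozen=True)
class Finding:
    name: str
    image: str
    status: str   # "fixed", "affected", "review" or "unknown"
    note: str


def parse_release(text: str) -> tuple[int, int, int] | None:
    """Parse 'X.Y.Z' into an integer tuple; None for anything else."""
    parts = text.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        return None
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def parse_version(image: str) -> tuple[int, int, int] | None:
    """Extract the release version from an image reference like 'n8nio/n8n:2.4.2'.

    Floating tags ('latest', 'next') and digest references yield None: they
    cannot be triaged until resolved to a concrete release.
    """
    tag = image.rsplit(":", 1)[-1] if ":" in image else ""
    tag = tag.split("-", 1)[0]   # strip variant suffixes such as '-debian' (assumed tag layout)
    return parse_release(tag)


def is_fixed(version: tuple[int, int, int]) -> bool:
    """True when the version is at or above a fixed release on its own major.minor line."""
    for fixed in FIXED_VERSIONS:
        fixed_v = parse_release(fixed)
        if fixed_v is not None and fixed_v[:2] == version[:2] and version >= fixed_v:
            return True
    return False


def triage(name: str, image: str, env: dict[str, str]) -> Finding:
    """Classify one container and describe its blast radius if affected."""
    version = parse_version(image)
    if version is None:
        return Finding(name, image, "unknown",
                       "floating or non-release tag; pin to a concrete version to triage")
    if is_fixed(version):
        return Finding(name, image, "fixed", "at or above a fixed release on its line")
    if AFFECTED_MIN <= version <= AFFECTED_MAX:
        # Assumption: N8N_RUNNERS_MODE selects the task-runner mode and defaults to internal.
        mode = env.get("N8N_RUNNERS_MODE", "internal").lower()
        if mode == "external":
            note = "External mode: code runs in the sidecar runner container; still upgrade"
        else:
            note = "Internal mode: sandbox escape gives code execution inside the n8n container"
        return Finding(name, image, "affected", note)
    return Finding(name, image, "review",
                   "outside the stated 2.0.0-2.4.2 range and not at a listed fixed release; check the advisory")


def triage_inventory(inventory: list[dict]) -> list[Finding]:
    return [triage(c["name"], c["image"], c["env"]) for c in inventory]


if __name__ == "__main__":
    for f in triage_inventory(SAMPLE_INVENTORY):
        print(f"{f.name:12} {f.image:26} {f.status:9} {f.note}")
```

The "review" status is deliberate: a version such as 1.123.14 is below a listed fixed release but outside the advisory's stated affected range, so the script flags it for a human rather than guessing either way.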
CVE-2026-0863 is a remote code execution vulnerability affecting n8n Docker instances in versions 2.0.0 through 2.4.2. It allows an authenticated user with basic permissions to bypass the Python task-runner sandbox and execute arbitrary Python code.
If you are running n8n Docker instances in versions 2.0.0 through 2.4.2, you are potentially affected. Instances in 'Internal' execution mode are the most exposed, since the code runs inside the n8n container; 'External' mode confines the execution to the task-runner sidecar container but is still affected.
The recommended fix is to upgrade to a fixed release (see the Fixed in versions above). Until then, restrict access to the Code node or limit user permissions.
Active exploitation has not been confirmed and the current EPSS score is low (0.03%), but exploitation requires only an authenticated account with basic permissions, so treat it as likely to be attempted.
Please refer to the official n8n security advisory for the most up-to-date information and guidance regarding CVE-2026-0863.