CVE-2026-41900
Status: Awaiting Analysis (Queue)
Remote Code Execution in OpenLearnX Platform

Publication date: 2026-05-08

Last updated on: 2026-05-08

Assigner: GitHub, Inc.

Description
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has been patched in version 2.0.3.
Meta Information
Published: 2026-05-08
Last Modified: 2026-05-08
Generated: 2026-05-09
AI Q&A: 2026-05-08
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
th30d4y | openlearnx | up to 2.0.3 (excluding 2.0.3)
th30d4y | openlearnx | 2.0.3
CWE ID | Description
CWE-693 The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-41900 is a critical remote code execution (RCE) vulnerability in the OpenLearnX platform's code execution environment. It allowed attackers to escape the Python sandbox and execute arbitrary commands on the affected system. This means that an attacker could run unauthorized code outside the intended restricted environment, potentially compromising the system.

The vulnerability was caused by issues such as OS command injection, code injection, unnecessary privileges, improper access control, and failure of protection mechanisms.

This flaw affected versions prior to 2.0.3 and was patched in version 2.0.3 by introducing a hardened sandbox environment and improved security controls.


How can this vulnerability impact me?

This vulnerability can have severe impacts including high confidentiality, integrity, and availability losses. An attacker exploiting this flaw could execute arbitrary commands remotely, potentially gaining unauthorized access to sensitive data, modifying or deleting data, or disrupting the availability of the OpenLearnX platform.

Because the attack vector is network-based with low complexity and no required privileges or user interaction, it is relatively easy for attackers to exploit, increasing the risk.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability can be facilitated by using the new dedicated administrative endpoint `/logs/executions` introduced in the OpenLearnX platform. This endpoint allows administrators to query detailed execution logs including timestamps, execution IDs, languages, statuses, security violations, and resource usage metrics.

By querying this endpoint, administrators can filter and review suspicious or abnormal code execution events that might indicate exploitation attempts or sandbox escapes.

Specific commands would depend on interacting with this endpoint, for example, using curl or similar HTTP clients to request logs with filters for unusual statuses or security violations.

  • Example curl command to fetch execution logs (replace placeholders accordingly):
    curl -X GET 'https://your-openlearnx-instance/api/logs/executions?status=security_violation&limit=50' -H 'Authorization: Bearer <admin_token>'

Additionally, monitoring logs for unexpected command executions or sandbox escapes through the `security_logs` and `code_execution_events` collections can help detect exploitation attempts.
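As an added illustration (not code from the advisory or from the OpenLearnX project), the following Python triage works over records of the kind the answer above describes for the `/api/logs/executions` endpoint: it fetches them with an admin bearer token and flags entries with sandbox policy violations, unexpected languages, or resource usage above the sandbox limits. The record field names, the JSON-array response shape, the allowed-language set and the CPU/memory limits are assumptions, and the log entries are constructed sample data.

```python
import json
from urllib.request import Request, urlopen

# Constructed sample records. Field names are assumptions modelled on the fields the
# advisory text lists (timestamps, execution IDs, languages, statuses, security
# violations, resource usage); they are not a published OpenLearnX schema.
SAMPLE_LOGS = json.loads("""[
 {"execution_id": "ex-1001", "timestamp": "2026-05-08T10:00:01Z", "language": "python",
  "status": "completed", "security_violations": [],
  "resource_usage": {"cpu_seconds": 0.4, "memory_mb": 48}},
 {"execution_id": "ex-1002", "timestamp": "2026-05-08T10:00:07Z", "language": "python",
  "status": "security_violation", "security_violations": ["blocked_import:os"],
  "resource_usage": {"cpu_seconds": 0.1, "memory_mb": 20}},
 {"execution_id": "ex-1003", "timestamp": "2026-05-08T10:02:30Z", "language": "python",
  "status": "completed", "security_violations": [],
  "resource_usage": {"cpu_seconds": 55.0, "memory_mb": 900}},
 {"execution_id": "ex-1004", "timestamp": "2026-05-08T10:03:00Z", "language": "bash",
  "status": "completed", "security_violations": [],
  "resource_usage": {"cpu_seconds": 0.2, "memory_mb": 10}}
]""")

ALLOWED_LANGUAGES = {"python"}          # assumed: only the Python sandbox is exposed
CPU_LIMIT_S, MEM_LIMIT_MB = 10.0, 512   # assumed sandbox limits; tune per deployment

def fetch_execution_logs(base_url, admin_token, status=None, limit=50):
    """GET the administrative log endpoint named in the advisory text (assumed JSON array)."""
    url = f"{base_url}/api/logs/executions?limit={limit}"
    if status:
        url += f"&status={status}"
    req = Request(url, headers={"Authorization": f"Bearer {admin_token}"})
    with urlopen(req, timeout=10) as resp:
        return json.load(resp)

def triage(records):
    """Return {execution_id: [reasons]} for records that deserve an analyst's attention."""
    flagged = {}
    for r in records:
        reasons = []
        violations = r.get("security_violations") or []
        if r.get("status") == "security_violation" or violations:
            reasons.append("sandbox policy violation: " + ", ".join(violations or ["unspecified"]))
        if r.get("language") not in ALLOWED_LANGUAGES:
            reasons.append(f"unexpected language {r.get('language')!r}")
        usage = r.get("resource_usage", {})
        if usage.get("cpu_seconds", 0) > CPU_LIMIT_S or usage.get("memory_mb", 0) > MEM_LIMIT_MB:
            reasons.append("resource usage above sandbox limit")
        if reasons:
            flagged[r["execution_id"]] = reasons
    return flagged
```

Run `triage(fetch_execution_logs("https://your-openlearnx-instance", "<admin_token>"))` against a live instance; `triage(SAMPLE_LOGS)` shows the logic offline.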


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in OpenLearnX allows remote code execution with high impact on confidentiality, integrity, and availability, which could lead to unauthorized access or manipulation of sensitive data.

Such a security flaw could negatively affect compliance with standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information against unauthorized access and breaches.

However, the provided information does not explicitly state the direct impact on compliance or mention any regulatory considerations.


What immediate steps should I take to mitigate this vulnerability?

The primary immediate mitigation step is to upgrade the OpenLearnX platform to version 2.0.3 or later, where the vulnerability has been patched with enhanced sandbox security.

Until the upgrade can be performed, administrators should restrict access to the code execution environment to trusted users only and monitor execution logs closely for any suspicious activity.

Implementing strict access controls and limiting privileges can reduce the risk of exploitation.

Review and apply any additional security hardening measures introduced in the patch, such as using the new hardened sandbox environment and enhanced logging features.

