CVE-2026-41900
Analyzed Analyzed - Analysis Complete
Remote Code Execution in OpenLearnX Platform

Publication date: 2026-05-08

Last updated on: 2026-05-29

Assigner: GitHub, Inc.

Description
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has been patched in version 2.0.3.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-29
Generated
2026-06-19
AI Q&A
2026-05-08
EPSS Evaluated
2026-06-18
NVD
CVE-2026-41900
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
th30d4y openlearnx 2.0.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CWE-693 The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-41900 is a critical remote code execution (RCE) vulnerability in the OpenLearnX platform's code execution environment. It allowed attackers to escape the Python sandbox and execute arbitrary commands on the affected system. This means that an attacker could run unauthorized code outside the intended restricted environment, potentially compromising the system.

The vulnerability was caused by issues such as OS command injection, code injection, unnecessary privileges, improper access control, and failure of protection mechanisms.

This flaw affected versions prior to 2.0.3 and was patched in version 2.0.3 by introducing a hardened sandbox environment and improved security controls.

Impact Analysis

This vulnerability can have severe impacts including high confidentiality, integrity, and availability losses. An attacker exploiting this flaw could execute arbitrary commands remotely, potentially gaining unauthorized access to sensitive data, modifying or deleting data, or disrupting the availability of the OpenLearnX platform.

Because the attack vector is network-based with low complexity and no required privileges or user interaction, it is relatively easy for attackers to exploit, increasing the risk.

Detection Guidance

Detection of this vulnerability can be facilitated by using the new dedicated administrative endpoint `/logs/executions` introduced in the OpenLearnX platform. This endpoint allows administrators to query detailed execution logs including timestamps, execution IDs, languages, statuses, security violations, and resource usage metrics.

By querying this endpoint, administrators can filter and review suspicious or abnormal code execution events that might indicate exploitation attempts or sandbox escapes.

Specific commands would depend on interacting with this endpoint, for example, using curl or similar HTTP clients to request logs with filters for unusual statuses or security violations.

  • Example curl command to fetch execution logs (replace placeholders accordingly):
  • curl -X GET 'https://your-openlearnx-instance/api/logs/executions?status=security_violation&limit=50' -H 'Authorization: Bearer <admin_token>'

Additionally, monitoring logs for unexpected command executions or sandbox escapes through the `security_logs` and `code_execution_events` collections can help detect exploitation attempts.

Mitigation Strategies

The primary immediate mitigation step is to upgrade the OpenLearnX platform to version 2.0.3 or later, where the vulnerability has been patched with enhanced sandbox security.

Until the upgrade can be performed, administrators should restrict access to the code execution environment to trusted users only and monitor execution logs closely for any suspicious activity.

Implementing strict access controls and limiting privileges can reduce the risk of exploitation.

Review and apply any additional security hardening measures introduced in the patch, such as using the new hardened sandbox environment and enhanced logging features.

Compliance Impact

The vulnerability in OpenLearnX allows remote code execution with high impact on confidentiality, integrity, and availability, which could lead to unauthorized access or manipulation of sensitive data.

Such a security flaw could negatively affect compliance with standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information against unauthorized access and breaches.

However, the provided information does not explicitly state the direct impact on compliance or mention any regulatory considerations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41900. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart