CVE-2026-45227

CVE Database · CVE-2026-45227

CVE-2026-45227

· HIGHDeferred

CVSS v3.1

8.8

CVSS v4.0

8.7

EPSS

0.23%

Published

May 12, 2026

Modified

May 14, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspection primitives. Attackers can use Python introspection techniques to recover the unrestricted __import__ function, import blocked modules such as os and subprocess, and access inherited backend environment variables containing database credentials and encryption keys to execute arbitrary host commands as the backend service user.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-693

References (5)

https://github.com/heymrun/heym/commit/32b7e809d987d9b018ec8daa2cdaf48f627f26f1

https://github.com/heymrun/heym/pull/94

https://github.com/heymrun/heym/releases/tag/v0.0.21

https://www.vulncheck.com/advisories/heym-sandbox-escape-via-python-introspection

https://github.com/heymrun/heym/pull/94

KEV Catalog EPSS Scores Vendors All CVEs