CVE-2026-0863 — Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system — CVE Database · The Intelligence Room