3 matches found
CVE-2026-45227
Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspection primitives. Attackers can use Python introspection techniques to recover the unrestricted...
EUVD-2026-29869
Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspection primitives. Attackers can use Python introspection techniques to recover the unrestricted...
PT-2026-40452
Name of the Vulnerable Software and Affected Versions Heym versions prior to 0.0.21 Description A sandbox escape exists in the custom Python tool executor. Authenticated workflow authors can bypass sandbox restrictions using object-graph introspection primitives. By employing Python introspection...