CVE-2026-45227
Severity: HIGH (CVSS 8.8)
Description
Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspection primitives. Attackers can use Python introspection techniques to recover the unrestricted __import__ function, import blocked modules such as os and subprocess, and access inherited backend environment variables containing database credentials and encryption keys to execute arbitrary host commands as the backend service user.
CVE Details
CVSS v3.1 Score: 8.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Published: 5/12/2026
Last Modified: 5/13/2026
Source: nvd
Honeypot Sightings: 0
Weaknesses (CWE)
CWE-693
References
https://github.com/heymrun/heym/commit/32b7e809d987d9b018ec8daa2cdaf48f627f26f1 (source: disclosure@vulncheck.com)
https://github.com/heymrun/heym/pull/94 (source: disclosure@vulncheck.com)
https://github.com/heymrun/heym/releases/tag/v0.0.21 (source: disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/heym-sandbox-escape-via-python-introspection (source: disclosure@vulncheck.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.