New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
Bleeping Computer

ChatGPT allows access to underlying sandbox OS, “playbook” data

OpenAI's ChatGPT platform provides a great degree of access to the LLM's sandbox, allowing you to upload programs and files, execute commands, and browse the sandbox's file structure. The ChatGPT ...
CSOonline

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass affects internal‑mode deployments common in enterprise setups. Two critical ...