From 72df13a1707f831048a3e4ec71660986c9061047 Mon Sep 17 00:00:00 2001 From: Stalin <161853795+Stalin-143@users.noreply.github.com> Date: Fri, 1 May 2026 22:14:25 +0530 Subject: [PATCH] Create CVE-2026-41900.md --- patches/CVE-2026-41900.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 patches/CVE-2026-41900.md diff --git a/patches/CVE-2026-41900.md b/patches/CVE-2026-41900.md new file mode 100644 index 0000000..cf8b3d6 --- /dev/null +++ b/patches/CVE-2026-41900.md @@ -0,0 +1,28 @@ +![CVE](https://img.shields.io/badge/CVE-2026--41900-red) + +# CVE-2026-41900 — RCE via Sandbox Escape (OpenLearnX) + +**Severity:** High +**CWE:** CWE-78, CWE-94, CWE-250, CWE-284, CWE-693 + +## Summary +A sandbox escape in OpenLearnX allows Remote Code Execution via its Python execution environment. + +## Impact +- Arbitrary command execution +- Full system compromise + +## Affected +< 2.0.3 + +## Fixed +2.0.3 + +## References +- https://github.com/advisories/GHSA-8h25-q488-4hxw +- https://github.com/th30d4y/OpenLearnX/commit/14765d7 + +## Credits +Finder: krraze +Coordinator: Stalin-143 +Coordinator: harriiinnii
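Review bot: The `## Summary` section is a single sentence and does not say which part of the Python execution environment is affected or what access an attacker needs, so a reader cannot judge exposure from this file alone; add a sentence on the affected component and required privileges, plus a short mitigation line for deployments that cannot move to 2.0.3 yet. In the header, `**Severity:** High` has no CVSS vector or score behind it, and the five CWEs are listed without marking which one is primary. Under `## Affected`, `< 2.0.3` gives no lower bound; state whether every earlier release is affected. Under `## References`, the commit link uses the abbreviated hash `14765d7`; use the full commit hash so the reference stays unambiguous. The `## Credits` entries are consecutive plain lines, which Markdown joins into one paragraph unless each ends in a hard break; a bullet list, as already used under References, would render reliably. The subject line "Create CVE-2026-41900.md" could also name the project and issue so the log is searchable.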