CVE-2026-33941
Published 2026-03-27
Priority P343 · high · 8.2 (CVSS 3.1)
CVSS 3.1 vector: AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS 0.29% (20.7th percentile)
Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the Handlebars CLI precompiler (`bin/handlebars` / `lib/precompiler.js`) concatenates user-controlled strings — template file names and several CLI options — directly into the JavaScript it emits, without any escaping or sanitization. An attacker who can influence template filenames or CLI arguments can inject arbitrary JavaScript that executes when the generated bundle is loaded in Node.js or a browser. Version 4.7.9 fixes the issue. Some workarounds are available. First, validate all CLI inputs before invoking the precompiler. Reject filenames and option values that contain characters with JavaScript string-escaping significance (`"`, `'`, `;`, etc.). Second, use a fixed, trusted namespace string passed via a configuration file rather than command-line arguments in automated pipelines. Third, run the precompiler in a sandboxed environment (container with no write access to sensitive paths) to limit the impact of successful exploitation. Fourth, audit template filenames in any repository or package that is consumed by an automated build pipeline.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | node-handlebars | < node-handlebars 3:4.7.9-1 (forky) | node-handlebars 3:4.7.9-1 (forky) |
| handlebars-lang | handlebars.js | — | — |
| handlebarsjs | handlebars | >= 4.0.0 < 4.7.9 | 4.7.9 |
| handlebarsjs | handlebars | >= 4.0.0 < 4.7.9 | 4.7.9 |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| NVD (v3.1) | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
| OSV | 8.2 | HIGH | |
| Debian (vendor) | 8.2 | HIGH | |
| Red Hat (vendor) | 8.2 | HIGH | |
GHSA · 2026-03-27 · CVE-2026-33941 [HIGH] · CWE-116
Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options
## Summary
The Handlebars CLI precompiler (`bin/handlebars` / `lib/precompiler.js`) concatenates user-controlled strings — template file names and several CLI options — directly into the JavaScript it emits, without any escaping or sanitization. An attacker who can influence template filenames or CLI arguments can inject arbitrary JavaScript that executes when the generated bundle is loaded in Node.js or a browser.
## Description
`lib/precompiler.js` generates JavaScript source by string-interpolating several values directly into the output. Four distinct injection points exist:
### 1. Template name injection
```javascript
// Vulnerable code pattern
output += 'templates["' + template.name + '"]
```
OSV · 2026-03-27 · CVSS 8.2 · CVE-2026-33941 [HIGH]
CVE-2026-33941: Handlebars provides the power necessary to let users build semantic templates
OSV · 2026-03-27 · CVE-2026-33941 [HIGH]
Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options
Red Hat · 2026-03-27 · CVSS 8.2 · CVE-2026-33941 [HIGH] · CWE-94
handlebars.js: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw
Debian · 2026 · CVSS 8.2 · CVE-2026-33941 [HIGH]
CVE-2026-33941: node-handlebars - Handlebars provides the power necessary to let users build semantic templates. I...
No detection rules found.
No public exploits indexed.
Wiz · CVSS 7.5 · [HIGH]
GHSA-442j-39wm-28r2 Impact, Exploitability, and Mitigation Steps | Wiz
## GHSA-442j-39wm-28r2: Handlebars vulnerability analysis and mitigation
## Summary
Identifiers referenced in the summary (only these survived extraction): `lib/handlebars/runtime.js`, `container.lookup()`, `container.lookupProperty()`, `depths[i][name]`, `lookupProperty`, `{compat: true}`, `depthedLookup`, `lib/handlebars/compiler/javascript-compiler.js`.
## Description
`lib/handlebars/runtime.js`:
```javascript
lookup: function (depths, name) {
  const len = depths.length;
  for (let i = 0; i < len; i++) {
    let result = depths[i] && container.lookupProperty(depths[i], name);
    if (result != null) {
      return depths[i][name]; // BUG: should be `return result;`
    }
  }
},
```
Identifiers referenced in the description (only these survived extraction): `container.lookupProperty()`, `hasOwnProperty`, `resultIsAllowed()`, `container.lookup()`, `lookupProperty`, `result != null`, `depths[i][name]`.
## Workarounds
`{ compat: true }`
Ensure context data objects are plain JSON (
Wiz · CVSS 2.8 · CVE-2026-33941 [LOW]
CVE-2026-33941 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-33941: Grafana vulnerability analysis and mitigation
Identifiers referenced (only these survived extraction): `bin/handlebars`, `lib/precompiler.js`, and the characters `"`, `'`, `;`.
Source: NVD
Score: 8.2
Published: March 27, 2026
Severity: HIGH
CNA Score: 8.2
Affected Technologies: Grafana, Wolfi
Has Public Exploit: Yes
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 4.9
Exploitation Probability (EPSS): N/A
Affected packages and libraries: handlebars, 389-ds:1.4::389-ds-base-legacy-tools
Sources: NVD
Chainguard: Has Fix, Added at Mar 31, 2026
Debian 11, 12, 13: Severity HIGH, No Fix, Added at Mar 29, 2026
Debian 14: Severity HIGH, Has Fix, Added at Mar 29, 2026
Echo: Severity HIGH, No Fix, Added at Mar 29, 2026
npm: Severity HIGH, Has Fix, Added at Mar 29, 2026
Red Hat 7, 8, 9, 1
Wiz · CVSS 5.6 · [MEDIUM]
GHSA-7rx3-28cr-v5wh Impact, Exploitability, and Mitigation Steps | Wiz
## GHSA-7rx3-28cr-v5wh: Handlebars vulnerability analysis and mitigation
## Summary
Identifiers referenced in the summary (only these survived extraction): `lib/handlebars/internal/proto-access.js`, `constructor`, `__defineGetter__`, `__defineSetter__`, `__lookupGetter__`, `__lookupSetter__`, `allowProtoMethodsByDefault: true`, `4.6.0`, `protoAccessControl`, `allowProtoMethodsByDefault`.
## Description
`lib/handlebars/internal/proto-access.js`:
```javascript
const methodWhiteList = Object.create(null);
methodWhiteList['constructor'] = false;
methodWhiteList['__defineGetter__'] = false;
methodWhiteList['__defineSetter__'] = false;
methodWhiteList['__lookupGetter__'] = false;
// __lookupSetter__ intentionally blocked in CVE-2021-23383,
// but omitted here — creating an asymmetric blocklist
```
Identifiers referenced in the description (only these survived extraction): `__defineGetter__`, `__defineSetter__`, `__lookupGetter__`, `__lookupSetter__`.
Bugzilla · 2026-03-28 · CVSS 8.2 · CVE-2026-33941 [HIGH]
CVE-2026-33941 nextcloud: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw [epel-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
FEDORA-2026-cb5661d883 (nextcloud-33.0.3-1.fc44) has been submitted as an update to Fedora 44.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-cb5661d883
---
FEDORA-EPEL-2026-f7ea7872a6 (nextcloud-33.0.3-1.el10_3) has been submitted as an update to Fedora EPEL 10.3.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-f7ea7872a6
---
FEDORA-EPEL-2026-6610e2eca4 (nextcloud-33.0.3-1.el10_2) has been submitted as an update to Fedor
Bugzilla · 2026-03-28 · CVSS 8.2 · CVE-2026-33941 [HIGH]
CVE-2026-33941 openbao: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
OpenBao does not have any javascript in the server, so this vulnerability is not applicable.
Bugzilla · 2026-03-28 · CVSS 8.2 · CVE-2026-33941 [HIGH]
CVE-2026-33941 openbao: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw [epel-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
OpenBao does not have any javascript in the server, so this vulnerability is not applicable.
Bugzilla · 2026-03-28 · CVSS 8.2 · CVE-2026-33941 [HIGH]
CVE-2026-33941 nextcloud: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
FEDORA-2026-cb5661d883 (nextcloud-33.0.3-1.fc44) has been submitted as an update to Fedora 44.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-cb5661d883
---
FEDORA-EPEL-2026-f7ea7872a6 (nextcloud-33.0.3-1.el10_3) has been submitted as an update to Fedora EPEL 10.3.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-f7ea7872a6
---
FEDORA-EPEL-2026-6610e2eca4 (nextcloud-33.0.3-1.el10_2) has been submitted as an update to Fed
Bugzilla · 2026-03-27 · CVSS 8.2 · CVE-2026-33941 [HIGH]
CVE-2026-33941 handlebars.js: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw
References
https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2
https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9
https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf
https://access.redhat.com/errata/RHSA-2026:10175
https://access.redhat.com/security/cve/CVE-2026-33941
https://bugzilla.redhat.com/show_bug.cgi?id=2452524
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33941.json
Published 2026-03-27