Windmill-Labs Windmill vulnerabilities
4 known vulnerabilities affecting windmill-labs/windmill.
Total CVEs: 4
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 3, LOW 1
Vulnerabilities
CVE-2026-29059 | P2 | HIGH | CVSS 7.5 | PoC | fixed in 1.603.3 | 2026-03-06
CVE-2026-29059 [HIGH] CWE-22
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's get_log_file endpoint "(/api/w/{workspace}/jobs_u/get_log_file/(unknown))". The filename parameter is concatenated into a file path without sanitizatio
nvd
CVE-2026-47107 | P3 | HIGH | CVSS 8.1 | fixed in 1.703.2 | 2026-05-19
CVE-2026-47107 [HIGH] CWE-276
Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and /etc/ssl/certs/ca-certificates.crt from within script execution sandboxes. Attack
nvd
CVE-2026-33881 | P3 | HIGH | CVSS 7.2 | fixed in 1.664.0 | 2026-03-27
CVE-2026-33881 [HIGH] CWE-94
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Workspace environment variable values are interpolated into JavaScript string literals without escaping single quotes in the NativeTS executor. A workspace admin who sets a custom environment variable with a value containing `'` can inject arbitra
nvd
CVE-2026-26964 | P4 | LOW | CVSS 2.7 | fixed in 1.635.0 | 2026-02-20
CVE-2026-26964 [LOW] CWE-200
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Versions 1.634.6 and below allow non-admin users to obtain Slack OAuth client secrets, which should only be accessible to workspace administrators. The GET /api/w/{workspace}/workspaces/get_settings endpoint returns the slack_oauth_client_secret t
nvd