Executive Summary

CVE-2026-33881 is a code injection vulnerability in the Windmill platform's NativeTS executor. It occurs because workspace environment variable values are inserted directly into single-quoted JavaScript string literals without escaping single quotes. This allows a workspace admin to set an environment variable containing a single quote to break out of the string literal and inject arbitrary JavaScript code.

The injected code executes inside every NativeTS script run in that workspace, running with the privileges of the script owner. This vulnerability arises from the backend file worker.rs where environment variables are interpolated without proper escaping.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows a workspace admin to inject and execute arbitrary JavaScript code inside every NativeTS script in the affected workspace. The injected code runs with the script owner's privileges, which can lead to several impacts:

• Theft of script outputs and modification of return values.
• Exfiltration of sensitive data, including user JWT tokens and emails.
• Reading sensitive files on the worker filesystem, such as /etc/passwd and configuration files.
• In unsandboxed deployments, attackers can access sensitive worker secrets like /proc/1/environ.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by checking if any workspace environment variable contains single quotes that could break JavaScript string literals and inject code. Specifically, look for environment variables set by workspace admins that include payloads like: '; console.log("CODE_INJECTION_WORKS"); ' which would execute arbitrary JavaScript inside NativeTS scripts.

A practical detection method is to set an environment variable with a known injection payload and then run any NativeTS script to observe if the injected code executes, for example by checking job logs for injected console output.

Suggested commands include:

• Use the API endpoint `/api/w/{workspace}/workspaces/set_environment_variable` to set a test environment variable, e.g., `INJECTED_VAR` with a value containing a single quote and JavaScript code.
• Run a simple NativeTS script that returns a string like "hello".
• Check the job logs for evidence of the injected code execution, such as the output `CODE_INJECTION_WORKS`.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to upgrade Windmill to version 1.664.0 or later, where this vulnerability is patched.

The patch escapes single quotes and backslashes in environment variable values before interpolating them into JavaScript string literals, preventing code injection.

Until the upgrade is applied, avoid setting environment variables containing single quotes or other characters that could break JavaScript string literals.

Additionally, review and restrict workspace admin permissions to minimize the risk of malicious environment variable injection.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability allows a workspace admin to inject arbitrary JavaScript code that executes inside every NativeTS script in the workspace, potentially leading to theft of sensitive information such as user JWT tokens and emails.

Such unauthorized access and exfiltration of sensitive user data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls on personal and sensitive information.

Because the injected code runs with the script owner's privileges, it can access and exfiltrate confidential data, increasing the risk of data breaches and regulatory violations.

Useful 0 Not Useful 0