CVE-2026-23696
Received Received - Intake
SQL Injection in Windmill Folder Ownership Enables Remote Code Execution

Publication date: 2026-04-07

Last updated on: 2026-04-07

Assigner: VulnCheck

Description
Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality that allows authenticated attackers to inject SQL through the owner parameter. An attacker can use the injection to read sensitive data such as the JWT signing secret and administrative user identifiers, forge an administrative token, and then execute arbitrary code via the workflow execution endpoints.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-07
Last Modified
2026-04-07
Generated
2026-06-16
AI Q&A
2026-04-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-23696
EUVD
EUVD-2026-19748
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
windmill windmill From 1.276.0 (inc) to 1.603.2 (inc)
windmill windmill From 1.56.0 (inc) to 1.614.0 (inc)
nextcloud flow From 1.2.0 (inc) to 34.0.0 (exc)
windmill community_edition From 1.276.0 (inc) to 1.603.2 (inc)
windmill enterprise_edition From 1.276.0 (inc) to 1.603.2 (inc)
nextcloud flow From 1.0.0 (inc) to 1.2.2 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

CVE-2026-23696 is a critical authenticated SQL injection vulnerability that allows attackers to extract sensitive data such as JWT signing secrets and administrative user identifiers, forge administrative tokens, and execute arbitrary code remotely. This exposure of sensitive authentication credentials and administrative access could lead to unauthorized access to personal and protected data.

Such unauthorized access and potential data breaches can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict protection of personal and sensitive information, secure authentication mechanisms, and prevention of unauthorized data access.

Therefore, exploitation of this vulnerability could result in violations of data protection requirements, leading to legal and regulatory consequences for affected organizations.

Executive Summary

CVE-2026-23696 is a critical authenticated SQL injection vulnerability in Windmill, an open-source workflow automation platform, affecting versions 1.276.0 through 1.603.2. The flaw exists in the folder ownership management functionality, specifically through the "owner" parameter, which allows authenticated attackers to inject malicious SQL commands.

Exploiting this vulnerability enables attackers to read sensitive data such as the JWT signing secret and administrative user identifiers. With this information, they can forge administrative tokens, escalate privileges from an operator role to super admin, and execute arbitrary code remotely via workflow execution endpoints, potentially achieving root-level remote code execution within the container.

The vulnerability arises from improper input validation and insufficient access controls in the backend API, allowing manipulation of PostgreSQL queries. It is part of a complex attack chain involving privilege escalation, credential leaks, and remote code execution, affecting both standalone Windmill deployments and Nextcloud Flow integrations.

Impact Analysis

This vulnerability can have severe impacts including unauthorized access to sensitive information, such as JWT signing secrets and administrative user identifiers, which compromises the security of authentication tokens.

Attackers can escalate their privileges from an authenticated operator to a super administrator, allowing them to execute arbitrary code remotely with root-level access inside the container hosting Windmill.

Such exploitation can lead to full system compromise, including the ability to create and execute malicious scripts, maintain persistence, harvest credentials, deploy reverse shells, and potentially pivot to other integrated systems like Nextcloud for complete server takeover.

Detection Guidance

Detection of CVE-2026-23696 involves identifying exploitation attempts of the authenticated SQL injection vulnerability in Windmill's folder ownership management functionality, specifically targeting the "owner" parameter.

Since the vulnerability requires authentication, monitoring authenticated API requests to endpoints handling folder ownership changes can help detect suspicious activity.

Look for unusual or malformed SQL-related payloads in the "owner" parameter in API requests, which may include SQL syntax or injection patterns.

Network or system detection commands could include:

  • Using web server or API logs, grep for requests to folder ownership management endpoints containing suspicious SQL keywords or characters in the "owner" parameter, e.g., `grep -iE "owner=.*(union|select|--|;|')" /var/log/windmill/api.log`
  • Monitor database query logs for unusual queries involving the owner field or unexpected privilege escalations.
  • Check for anomalous JWT tokens or forged administrative tokens in authentication logs, which may indicate exploitation.

Because the vulnerability is authenticated and exploits SQL injection, detection is best performed by correlating API access logs, database logs, and authentication token anomalies.

Mitigation Strategies

Immediate mitigation steps for CVE-2026-23696 include:

  • Upgrade Windmill to version 1.603.3 or later, where the vulnerability has been patched by enforcing strict input validation on the "owner" parameter and preventing directory traversal.
  • If using Nextcloud Flow, upgrade to a version that includes the updated Windmill version with the fix.
  • Apply strict input validation and sanitization on any custom integrations or API calls involving folder ownership management.
  • Monitor and restrict authenticated user permissions to minimize the risk of privilege escalation.
  • Review and tighten access controls on workflow execution endpoints to prevent unauthorized code execution.

These steps help prevent exploitation by blocking injection vectors and limiting attacker capabilities.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23696. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart