CVE-2026-55413
Deferred - Pending Action
Authenticated JavaScript RCE in ToolJet via Plugin Overwrite

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: GitHub, Inc.

Description
ToolJet is the open-source foundation of an AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, any authenticated user with the builder role (free tier) can overwrite a globally-shared marketplace plugin with arbitrary JavaScript that executes server-side with full Node.js access (require, process). The malicious code runs whenever any user on the instance triggers a query using that plugin, achieving both RCE and supply-chain compromise of the entire ToolJet deployment. This vulnerability is fixed in 3.20.178-lts.
Meta Information
Generated: 2026-06-26
AI Q&A: 2026-06-25
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs
Vendor    Product    Version / Range
tooljet   tooljet    up to 3.20.178-lts (excluding)
tooljet   tooljet    from 3.0.0 (including)
CWE ID    Description
CWE-94    The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Compliance Impact

The vulnerability allows authenticated users with builder roles to execute arbitrary code on the ToolJet server and compromise the entire deployment, including access to environment variables and internal resources.

Such unauthorized access and control over the system could lead to exposure or manipulation of sensitive data, which may impact compliance with standards and regulations like GDPR and HIPAA that require strict controls over data confidentiality, integrity, and availability.

However, the provided information does not explicitly discuss compliance impacts or specific regulatory requirements.

Executive Summary

This vulnerability affects ToolJet, an open-source AI-native platform for building internal tools. Before version 3.20.178-lts, any authenticated user with the builder role on the free tier could overwrite a globally-shared marketplace plugin with arbitrary JavaScript code. This malicious code executes server-side with full Node.js access, including the `require` function and the `process` object.

The malicious code runs whenever any user on the ToolJet instance triggers a query using the compromised plugin. This leads to remote code execution (RCE) and a supply-chain compromise of the entire ToolJet deployment.

The vulnerability was fixed in version 3.20.178-lts.

Impact Analysis

This vulnerability can have severe impacts because it allows an authenticated user with limited privileges (builder role) to execute arbitrary code on the server with full Node.js access.

An attacker can overwrite a shared plugin with malicious JavaScript, which will execute whenever any user triggers a query using that plugin. This can lead to remote code execution, allowing the attacker to take full control of the ToolJet deployment.

Such control can result in data theft, service disruption, or further compromise of connected systems, effectively causing a supply-chain compromise.

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade ToolJet to version 3.20.178-lts or later, where the issue is fixed.

Additionally, restrict builder role access to trusted users only, as the vulnerability allows any authenticated user with builder role to execute arbitrary server-side JavaScript.

Detection Guidance

Detection of this vulnerability involves identifying if any marketplace plugin has been overwritten with malicious JavaScript code by an authenticated user with builder privileges. Since the malicious code executes server-side with full Node.js access when a query triggers the poisoned plugin, monitoring for unusual or unauthorized plugin updates and suspicious server-side JavaScript execution is key.

Suggested detection steps include:

  • Check for recent PATCH requests to the plugin update endpoint from builder role users, which may indicate unauthorized plugin overwrites.
  • Audit plugin code in the marketplace plugins directory or repository for unexpected or suspicious JavaScript code, especially code that uses Node.js modules like `require` or accesses `process`.
  • Monitor server logs for execution of unusual JavaScript code or commands triggered by plugin queries.
  • Look for network activity or logs indicating queries triggering the compromised plugin.

Example commands that might help in detection (assuming access to the ToolJet server and logs):

  • Use `grep` to find suspicious usage of `require` or `process` in plugin files: `grep -rE "require|process" /path/to/tooljet/plugins/`
  • Check recent PATCH requests to the plugin update API endpoint in web server or application logs: `grep PATCH /var/log/tooljet/access.log | grep "/api/plugins/"`
  • Monitor running Node.js processes for unexpected child processes or commands spawned by plugins.
  • Review audit logs for builder role user activities related to plugin updates.

Since the attack requires an authenticated builder user and involves overwriting globally-shared marketplace plugins, focusing on authorization boundaries and plugin integrity verification in your monitoring strategy is essential.
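The two grep-based checks above can be combined into a small script that runs over an access log and over plugin source files, reporting who issued plugin-update requests and which non-expected modules or `process` members a plugin touches. This is an added example, not code from the CVE record or from the ToolJet project. It assumes (the page does not say) that the access log uses the common/combined format with the HTTP method and path in the request field, that plugin updates are PATCH requests under the `/api/plugins/` prefix quoted above, and that a reviewer can supply the set of modules a given plugin is expected to require; the log lines and plugin source below are constructed for the example.

```python
"""Detection helper for plugin overwrites (added example; assumptions noted inline)."""
import re
from dataclasses import dataclass
from typing import List, Tuple, FrozenSet

# Constructed sample access log in combined-log format (assumed format, not a real ToolJet log).
SAMPLE_ACCESS_LOG = """\
10.0.0.5 - builder1 [25/Jun/2026:10:01:02 +0000] "GET /api/apps HTTP/1.1" 200 512
10.0.0.5 - builder1 [25/Jun/2026:10:01:09 +0000] "PATCH /api/plugins/postgresql HTTP/1.1" 200 88
10.0.0.9 - admin [25/Jun/2026:10:02:30 +0000] "POST /api/data_queries/run HTTP/1.1" 200 1024
10.0.0.5 - builder1 [25/Jun/2026:10:03:00 +0000] "PATCH /api/plugins/github HTTP/1.1" 200 90
"""

# Constructed plugin source: a legitimate database call followed by two lines a reviewer would question.
SAMPLE_PLUGIN_SOURCE = """\
const { Client } = require('pg');
async function run(query) {
  const client = new Client(query.connection);
  return client.query(query.sql);
}
const cp = require('child_process');
cp.exec(process.env.HOME);
module.exports = { run };
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
REQUIRE_RE = re.compile(r"\brequire\s*\(\s*['\"]([^'\"]+)['\"]\s*\)")
PROCESS_RE = re.compile(r"\bprocess\.(\w+)")


@dataclass
class PluginUpdate:
    user: str
    ip: str
    ts: str
    path: str
    status: int


def find_plugin_updates(log_text: str, prefix: str = "/api/plugins/") -> List[PluginUpdate]:
    """Return every PATCH request whose path starts with the plugin-update prefix.

    Each hit names the account and source address so it can be checked against
    the list of people who were supposed to be changing plugins at that time.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than guessing
        if m["method"] == "PATCH" and m["path"].startswith(prefix):
            hits.append(PluginUpdate(m["user"], m["ip"], m["ts"], m["path"], int(m["status"])))
    return hits


def scan_plugin_source(src: str, expected_modules: FrozenSet[str] = frozenset()) -> List[Tuple[int, str, str]]:
    """Return (line_no, kind, detail) for each require() of a module outside the
    expected set and for each access to a member of the process object.

    Legitimate plugins require modules too, so the expected set (supplied by the
    reviewer) keeps the report focused on what is new for this plugin.
    """
    findings = []
    for line_no, line in enumerate(src.splitlines(), start=1):
        for mod in REQUIRE_RE.findall(line):
            if mod not in expected_modules:
                findings.append((line_no, "require", mod))
        for member in PROCESS_RE.findall(line):
            findings.append((line_no, "process", member))
    return findings


if __name__ == "__main__":
    for u in find_plugin_updates(SAMPLE_ACCESS_LOG):
        print(f"plugin update: user={u.user} ip={u.ip} ts={u.ts} path={u.path} status={u.status}")
    for line_no, kind, detail in scan_plugin_source(SAMPLE_PLUGIN_SOURCE, frozenset({"pg"})):
        print(f"line {line_no}: {kind} -> {detail}")
```

Run against a real deployment, point `find_plugin_updates` at the web server or application access log and `scan_plugin_source` at each file under the marketplace plugins directory, and treat any update from an account that was not expected to change plugins, or any plugin requiring a module it did not previously use, as something to review against the plugin's prior revision.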
