Wrangler
CVE-2026-0933
CRITICAL
Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
SummaryA command injection vulnerability (CWE-78) has been found to exist in the wrangler pages deploy command. The issue occurs because the --commit-hash parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of --commit-hash to execute arbitrary commands on the system running Wrangler.
Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(git show -s --format=%B ${commitHash})). Shell metacharacters are interpreted by the shell, enabling command execution.
ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where wrangler pages deploy is used in automated pipelines and the
--commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to:
- Run any shell command.
- Exfiltrate environment variables.
- Compromise the CI runner to install backdoors or modify build artifacts.
Credits Disclosed responsibly by kny4hacker.
Mitigation
- Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher.
- Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher.
- Users on Wrangler v2 (EOL) should upgrade to a supported major version.
AnalysisAI
Cloudflare Wrangler CLI has a CVSS 9.9 command injection vulnerability in the 'wrangler pages deploy' command that allows arbitrary code execution during deployment.
Technical ContextAI
The wrangler pages deploy command in Cloudflare's Wrangler CLI has a CWE-20 input validation flaw that allows command injection (CWE-78) through specially crafted deployment parameters or file names.
RemediationAI
Update Wrangler CLI. Sanitize file names in deployment pipelines. Use minimal CI/CD permissions.
The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. Rated high seve
Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the
The Wrangler command line tool (<=wrangler@3.1.0 or <=wrangler@2.20.1) was affected by a directory traversal vulnerabili
Same weakness CWE-20 – Improper Input Validation
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-36p8-mvp6-cv38