Skip to main content

Tooljet

14 CVEs product

Monthly

CVE-2026-54344 MEDIUM PATCH This Month

Command injection in ToolJet's GitHub Actions render preview deployment workflow allows any GitHub user capable of commenting on an open pull request to execute arbitrary shell commands on the CI runner and exfiltrate deployment secrets. The root cause is unsanitized interpolation of `github.event.comment.body` directly into a bash conditional within a `run` step, meaning a single malicious PR comment can pivot to full CI runner compromise. No CISA KEV listing exists at time of analysis, but the attack technique - GitHub Actions expression injection - is extremely well-documented publicly, making practical exploitation trivial for any GitHub user with PR commenting rights.

Command Injection Tooljet
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2026-55411 MEDIUM PATCH This Month

Cross-tenant credential decryption in ToolJet prior to 3.20.1780-lts allows any authenticated user to retrieve plaintext data-source secrets belonging to any other organization on the same instance. The POST /api/data-sources/decrypt endpoint omits the ValidateDataSourceGuard present on all neighboring routes and performs no organization-scoped lookup, meaning a valid session from any tenant is sufficient to exfiltrate database passwords, API keys, and other stored secrets across tenant boundaries. No public exploit has been identified at time of analysis, but the attack is mechanically trivial for any user with a valid account and knowledge of a target credential_id.

Authentication Bypass Tooljet
NVD GitHub
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-55412 HIGH PATCH This Week

Server-side request forgery in ToolJet's RestAPI data source (versions prior to 3.20.178-lts) allows a low-privileged platform user to reach internal network endpoints because the private-IP filter validates only the hostname string rather than the resolved IP. By supplying a DNS name such as 169.254.169.254.nip.io, an attacker bypasses the filter and forces the server to query the Azure IMDS link-local endpoint, enabling theft of managed-identity tokens for the backing AKS production cluster. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the cloud-credential impact makes it a high-value SSRF.

SSRF Microsoft Tooljet
NVD GitHub
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-55413 CRITICAL PATCH Act Now

Stored code injection in ToolJet self-hosted (prior to 3.20.178-lts) lets any authenticated builder-role user - available on the free tier - overwrite a globally-shared marketplace plugin with arbitrary JavaScript that runs server-side with full Node.js capabilities (require, process). Because the poisoned plugin executes whenever any user on the instance runs a query that uses it, a single low-privileged account achieves remote code execution and an instance-wide supply-chain compromise. The flaw carries a CVSS 4.0 score of 9.4; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Code Injection Node.js RCE Tooljet
NVD GitHub
CVSS 4.0
9.4
EPSS
0.3%
CVE-2022-27979 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tooljet
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-27978 HIGH POC This Week

Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tooljet
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-4111 npm MEDIUM POC PATCH This Month

Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile pictures over 2MB. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3422 HIGH POC PATCH This Week

Account Takeover :: when see the info i can see the hash pass i can creaked it ............... Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Tooljet
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-3348 MEDIUM POC PATCH This Month

Just like in the previous report, an attacker could steal the account of different users. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub
CVSS 3.1
4.9
EPSS
0.8%
CVE-2022-3019 HIGH POC PATCH This Week

The forgot password token basically just makes us capable of taking over the account of whoever comment in an app that we can see (bruteforcing comment id's might also be an option but I wouldn't. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Tooljet
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-2631 HIGH POC PATCH This Week

Improper Access Control in GitHub repository tooljet/tooljet prior to v1.19.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Tooljet
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-2037 HIGH POC PATCH This Week

Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub
CVSS 3.1
8.0
EPSS
1.1%
CVE-2022-23068 MEDIUM POC PATCH This Month

ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection where an attacker can inject malicious code inside the first name and last name field while inviting a new user which will be. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection Tooljet
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-23067 HIGH POC PATCH This Week

ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via Referer header that leads to account takeover . Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Command injection in ToolJet's GitHub Actions render preview deployment workflow allows any GitHub user capable of commenting on an open pull request to execute arbitrary shell commands on the CI runner and exfiltrate deployment secrets. The root cause is unsanitized interpolation of `github.event.comment.body` directly into a bash conditional within a `run` step, meaning a single malicious PR comment can pivot to full CI runner compromise. No CISA KEV listing exists at time of analysis, but the attack technique - GitHub Actions expression injection - is extremely well-documented publicly, making practical exploitation trivial for any GitHub user with PR commenting rights.

Command Injection Tooljet
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-tenant credential decryption in ToolJet prior to 3.20.1780-lts allows any authenticated user to retrieve plaintext data-source secrets belonging to any other organization on the same instance. The POST /api/data-sources/decrypt endpoint omits the ValidateDataSourceGuard present on all neighboring routes and performs no organization-scoped lookup, meaning a valid session from any tenant is sufficient to exfiltrate database passwords, API keys, and other stored secrets across tenant boundaries. No public exploit has been identified at time of analysis, but the attack is mechanically trivial for any user with a valid account and knowledge of a target credential_id.

Authentication Bypass Tooljet
NVD GitHub
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Server-side request forgery in ToolJet's RestAPI data source (versions prior to 3.20.178-lts) allows a low-privileged platform user to reach internal network endpoints because the private-IP filter validates only the hostname string rather than the resolved IP. By supplying a DNS name such as 169.254.169.254.nip.io, an attacker bypasses the filter and forces the server to query the Azure IMDS link-local endpoint, enabling theft of managed-identity tokens for the backing AKS production cluster. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the cloud-credential impact makes it a high-value SSRF.

SSRF Microsoft Tooljet
NVD GitHub
EPSS 0% CVSS 9.4
CRITICAL PATCH Act Now

Stored code injection in ToolJet self-hosted (prior to 3.20.178-lts) lets any authenticated builder-role user - available on the free tier - overwrite a globally-shared marketplace plugin with arbitrary JavaScript that runs server-side with full Node.js capabilities (require, process). Because the poisoned plugin executes whenever any user on the instance runs a query that uses it, a single low-privileged account achieves remote code execution and an instance-wide supply-chain compromise. The flaw carries a CVSS 4.0 score of 9.4; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Code Injection Node.js RCE +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tooljet
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH POC This Week

Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tooljet
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile pictures over 2MB. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Account Takeover :: when see the info i can see the hash pass i can creaked it ............... Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Tooljet
NVD GitHub VulDB
EPSS 1% CVSS 4.9
MEDIUM POC PATCH This Month

Just like in the previous report, an attacker could steal the account of different users. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

The forgot password token basically just makes us capable of taking over the account of whoever comment in an app that we can see (bruteforcing comment id's might also be an option but I wouldn't. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Tooljet
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Improper Access Control in GitHub repository tooljet/tooljet prior to v1.19.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Tooljet
NVD GitHub
EPSS 1% CVSS 8.0
HIGH POC PATCH This Week

Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

ToolJet versions v0.6.0 to v1.10.2 are vulnerable to HTML injection where an attacker can inject malicious code inside the first name and last name field while inviting a new user which will be. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection Tooljet
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via Referer header that leads to account takeover . Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Tooljet
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy