CVE-2026-33881 | windmill-labs windmill up to 1.663.x Environment Variable code injection (GHSA-8q8j-mm3g-5c2q)

A vulnerability marked as critical has been reported in windmill-labs windmill up to 1.663.x. Impacted is an unknown function of the component Environment Variable Handler. The manipulation leads to code injection.

This vulnerability is traded as CVE-2026-33881. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More