Windmill-labs Windmill
4 CVEs affecting Windmill-labs Windmill. Latest disclosed: 2026-05-19. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-47107 | High | 8.1 | 2026-05-19 | Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read… |
CVE-2026-26964 | Low | 2.7 | 2026-02-19 | Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Versions 1.634.6 and below allow non-admin users to… |
CVE-2026-33881 | | 2026-03-27 | Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Workspace environment variable values are interpolat… | |
CVE-2026-29059 | | 2026-03-06 | Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path tr… |