Description

Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality that allows authenticated attackers to inject SQL through the owner parameter. An attacker can use the injection to read sensitive data such as the JWT signing secret and administrative user identifiers, forge an administrative token, and then execute arbitrary code via the workflow execution endpoints.

INFO

Published Date :

2026-04-07T16:50:53.231Z

Last Modified :

2026-04-08T03:55:43.162Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23696 vulnerability.

Vendors Products
Nextcloud
  • Flow
Windmill-labs
  • Windmil
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23696.

URL Resource
https://apps.nextcloud.com/apps/flow/releases cve-icon cve-icon
https://chocapikk.com/posts/2026/windfall-nextcloud-flow-windmill-rce/ cve-icon cve-icon
https://github.com/Chocapikk/Windfall cve-icon cve-icon
https://github.com/windmill-labs/windmill/commit/942fb629210ebb287f48467d1535ffde3a3eeafe cve-icon cve-icon
https://github.com/windmill-labs/windmill/releases/tag/v1.603.3 cve-icon cve-icon
https://www.vulncheck.com/advisories/windmill-file-ownership-handling-sqli-rce cve-icon cve-icon
https://www.windmill.dev/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact