CVE-2026-33664: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in kestra-io kestra
CVE-2026-33664 is a high-severity cross-site scripting (XSS) vulnerability in Kestra, an open-source event-driven orchestration platform, affecting versions up to and including 1.3.3. The vulnerability arises because user-supplied YAML metadata fields such as description and inputs[].displayName are rendered via the Markdown.vue component with HTML enabled and injected into the DOM using Vue's v-html directive without sanitization. This allows an attacker with contributor-level privileges to embed arbitrary JavaScript that executes in the browsers of users viewing or interacting with the affected flows, potentially compromising confidentiality and integrity. Unlike the related CVE-2026-29082, this flaw requires less user interaction and affects different components and data sources. No patch is currently known to be available. The CVSS score is 7.
AI Analysis
Technical Summary
CVE-2026-33664 is a cross-site scripting vulnerability in Kestra, an open-source orchestration platform, in versions up to and including 1.3.3. The root cause is improper neutralization of user input during web page generation, specifically in the rendering of the flow YAML metadata fields description, inputs[].displayName, and inputs[].description. These fields are processed by the Markdown.vue component with the html option enabled, and the resulting HTML is injected directly into the DOM with Vue.js's v-html directive without any sanitization or escaping. This design flaw lets a flow author with write access embed arbitrary JavaScript in these metadata fields. When other users view or interact with the affected flows, the script executes in their browsers, potentially leading to session hijacking, credential theft, or unauthorized actions within the Kestra web interface. This vulnerability differs from CVE-2026-29082, which involves rendering markdown files from execution outputs and requires more user interaction; here, exploitation requires minimal user interaction (zero-click for inputs[].displayName). The vulnerability has a CVSS 3.1 score of 7.3, indicating high severity given the network attack vector, low complexity, and significant impact on confidentiality and integrity. No official patch or fix is currently available, which increases the urgency of mitigation. The flaw affects all deployments running Kestra 1.3.3 or earlier, especially those that allow multiple users to author or modify flows.
Potential Impact
The impact of CVE-2026-33664 is significant for organizations using Kestra as it enables attackers with contributor privileges to execute arbitrary JavaScript in the browsers of other users. This can lead to theft of session tokens, unauthorized actions within the Kestra platform, data leakage, and potential lateral movement within the environment. Since Kestra is used for orchestration and automation, compromise could disrupt critical workflows or expose sensitive operational data. The vulnerability affects confidentiality and integrity but not availability directly. The ease of exploitation (low complexity) combined with the ability to execute code without user interaction increases risk. Organizations with multi-tenant or collaborative Kestra environments are particularly vulnerable. The lack of a patch means the window of exposure remains open, potentially inviting targeted attacks or exploitation in the wild. This could impact sectors relying on Kestra for automation, including technology, finance, and cloud service providers.
Mitigation Recommendations
To mitigate CVE-2026-33664, organizations should immediately restrict flow authoring permissions to trusted users only, minimizing the risk of malicious metadata injection. Implement strict code review and validation processes for all flow YAML metadata before deployment. Disable the html option in Markdown.vue rendering where possible, or modify the source code to sanitize or escape user-supplied input before it is rendered. Employ Content Security Policy (CSP) headers to limit the impact of injected scripts. Monitor Kestra logs and user activity for unusual behavior indicative of exploitation attempts. Consider isolating Kestra instances or restricting access to trusted networks. Stay alert for official patches or updates from the Kestra project and apply them promptly once available. If feasible, temporarily reduce user interface privileges or disable web UI features that render user-supplied metadata until a fix is released.
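As an added illustration of the validation and escaping steps recommended above (not Kestra's own code; the flow object shape and the function names are assumptions for this example), the following gate flags raw HTML in the rendered metadata fields and returns an escaped copy that a Markdown component can display without handing live markup to v-html:

```javascript
// Added example, not Kestra's own code: a pre-render gate for the flow YAML
// metadata fields the advisory names (description, inputs[].displayName,
// inputs[].description). The flow object shape is assumed for illustration.

// A raw HTML tag: a Markdown renderer with html enabled passes it through
// unchanged, and v-html then turns it into live DOM nodes.
const RAW_HTML_TAG = /<\/?[a-z][\w:-]*(\s[^>]*)?>/i;

// Turn the characters that open markup or break out of an attribute into entities.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Validation: list the rendered metadata fields that contain raw HTML so a
// review or CI check can reject the flow before deployment.
function findRawHtmlFields(flow) {
  const hits = [];
  if (RAW_HTML_TAG.test(flow.description ?? "")) hits.push("description");
  (flow.inputs ?? []).forEach((input, i) => {
    for (const field of ["displayName", "description"]) {
      if (RAW_HTML_TAG.test(input[field] ?? "")) hits.push(`inputs[${i}].${field}`);
    }
  });
  return hits;
}

// Sanitisation: return a copy of the flow whose rendered fields are inert.
// Markdown syntax such as **bold** survives; only markup characters change.
function sanitizeFlowMetadata(flow) {
  const esc = (v) => (v === undefined ? undefined : escapeHtml(v));
  return {
    ...flow,
    description: esc(flow.description),
    inputs: (flow.inputs ?? []).map((input) => ({
      ...input, displayName: esc(input.displayName), description: esc(input.description),
    })),
  };
}

// Constructed sample flow: one input whose displayName carries a script tag.
const SAMPLE_FLOW = {
  id: "nightly-report", namespace: "demo", description: "Builds the **nightly** report.",
  inputs: [{ id: "recipient", type: "STRING", displayName: "Recipient <script>alert(1)</script>" }],
};
```

Inside the component itself the equivalent fix is to render with the html option off, or to pass the rendered HTML through an HTML sanitizer before it reaches v-html; the gate above is the data-boundary fallback while no patch is available.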
Affected Countries
United States, Germany, United Kingdom, France, Netherlands, Japan, South Korea, Canada, Australia, India
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-23T15:23:42.220Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69c5a54b3c064ed76fcfc82d
Added to database: 3/26/2026, 9:29:47 PM
Last enriched: 3/26/2026, 9:45:29 PM
Last updated: 3/27/2026, 5:26:51 AM