CVE-2026-33881: CWE-94: Improper Control of Generation of Code ('Code Injection') in windmill-labs windmill
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Workspace environment variable values are interpolated into JavaScript string literals without escaping single quotes in the NativeTS executor. A workspace admin who sets a custom environment variable with a value containing `'` can inject arbitrary JavaScript that executes inside every NativeTS script in that workspace. This is a code injection bug in `worker.rs`, not related to the sandbox/NSJAIL topic. Version 1.664.0 patches the issue.
AI Analysis
Technical Summary
CVE-2026-33881 is a code injection vulnerability (CWE-94) in Windmill, an open-source developer platform used for managing internal code such as APIs, background jobs, workflows, and UIs. The flaw lies in how the NativeTS executor, in the worker.rs file, handles workspace environment variables: their values are interpolated directly into JavaScript string literals without escaping single quotes, so a workspace administrator who stores a value containing a single quote can terminate the literal and supply arbitrary JavaScript. That code executes in the context of every NativeTS script in the workspace, putting the confidentiality, integrity, and availability of the environment at risk. Exploitation requires workspace admin privileges but no user interaction, and the issue is independent of sandboxing or NSJAIL containment. All Windmill versions prior to 1.664.0 contain the vulnerable interpolation logic; the vendor fixed it in 1.664.0 by properly escaping or sanitizing environment variable values. The CVSS 4.0 base score is 7.3, reflecting a network attack vector, low attack complexity, no privileges beyond workspace admin and no user interaction, and high impact on confidentiality, integrity, and availability. No public exploits have been reported, but the vulnerability poses a significant risk wherever Windmill underpins internal development workflows.
Potential Impact
The vulnerability allows a workspace administrator to execute arbitrary JavaScript code within every NativeTS script in the affected Windmill workspace. This can lead to unauthorized access to sensitive data, manipulation or corruption of internal workflows, and disruption of critical development processes. Since Windmill is used for internal code management, exploitation could compromise APIs, background jobs, and user interfaces, undermining the integrity and availability of internal systems. The requirement for workspace admin privileges limits the attack surface, but insider threats or compromised admin accounts could use this flaw to escalate privileges or move laterally within an organization. Because no user interaction is needed, the attack can be automated or triggered silently. Organizations relying on Windmill for internal development and deployment pipelines face significant operational and security risk if this vulnerability is exploited.
Mitigation Recommendations
Organizations should immediately upgrade Windmill to version 1.664.0 or later, where the vulnerability is patched. Until the upgrade is applied, restrict workspace admin privileges strictly to trusted personnel and monitor environment variable changes closely. Implement auditing and alerting on modifications to environment variables containing special characters, especially single quotes. Consider isolating Windmill environments and limiting network exposure to reduce the risk of exploitation. Review and harden internal access controls and credential management to prevent unauthorized admin access. Additionally, conduct code reviews and penetration testing focused on injection vectors within internal developer platforms. Employ runtime monitoring to detect anomalous script execution within NativeTS environments. Finally, educate administrators about the risks of injecting untrusted input into environment variables and enforce policies to sanitize inputs before use.
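The unsafe interpolation described above beside a hardened form, plus the single-quote check the mitigation section suggests, as an added JavaScript example. This is not Windmill's code (the real generator lives in worker.rs); the `process.env[...] = ...` prelude shape, function names and sample values are assumptions.

```javascript
// Added illustration, not Windmill's code: a worker splicing workspace env
// vars into a JavaScript prelude. The `process.env[...] = ...` prelude shape,
// function names and sample values are assumptions for this example.

// Constructed sample workspace variables. GREETING carries the characters the
// advisory warns about (a single quote, plus a double quote and a newline);
// PATH_LIKE carries a backslash, which is silently mangled rather than
// producing a syntax error.
function sampleEnv() {
  return { DB_HOST: "db.internal", GREETING: "O'Reilly says \"hi\"\n", PATH_LIKE: "C:\\tmp" };
}

// Vulnerable pattern (CWE-94): the value is dropped verbatim into a
// single-quoted literal, so a quote inside it ends the literal early.
function buildPreludeUnsafe(envVars) {
  return Object.entries(envVars)
    .map(([k, v]) => `process.env['${k}'] = '${v}';`)
    .join("\n");
}

// Hardened pattern: JSON.stringify escapes quotes, backslashes and control
// characters, and since ES2019 every JSON string is a valid JS string literal.
// Names are restricted to identifier characters so the key cannot carry code.
function buildPreludeSafe(envVars) {
  return Object.entries(envVars).map(([k, v]) => {
    if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(k)) {
      throw new Error(`rejected env var name ${JSON.stringify(k)}`);
    }
    return `process.env[${JSON.stringify(k)}] = ${JSON.stringify(String(v))};`;
  }).join("\n");
}

// Interim detection for unpatched deployments: list the variables whose values
// contain characters that can break out of a quoted JS literal, for alerting
// or review whenever an admin changes them.
function flagSuspiciousEnvValues(envVars) {
  const breakout = /['"\\\r\n\u2028\u2029]/;
  return Object.entries(envVars)
    .filter(([, v]) => breakout.test(String(v)))
    .map(([k]) => k);
}

// Runs a prelude against a throwaway `process` object and returns the env it
// produced, so both generators can be compared on the same input.
function evaluatePrelude(prelude) {
  const fakeProcess = { env: {} };
  new Function("process", prelude)(fakeProcess);
  return fakeProcess.env;
}
```

With the sample input, the unsafe prelude fails to parse on GREETING and silently turns `C:\tmp` into `C:<TAB>mp`, while the hardened prelude round-trips every value unchanged.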
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, Netherlands, France, Japan, South Korea, India
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-24T15:10:05.681Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69c6ec5f3c064ed76ff25048
Added to database: 3/27/2026, 8:45:19 PM
Last enriched: 3/27/2026, 9:00:02 PM
Last updated: 3/28/2026, 1:18:26 AM