Cyber Posture

CVE-2026-0933

Critical

Published: 20 January 2026
Modified: 27 January 2026
KEV Added: not listed
CVSS Score: 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0006 (18.4th percentile)
Risk Priority: 20 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-0933 is a critical-severity Improper Input Validation (CWE-20) vulnerability in Cloudflare Wrangler. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). EPSS ranks it at the 18.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Command and Scripting Interpreter (T1059) and one other technique (its Unix Shell sub-technique, T1059.004). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent): Directly requires validation and sanitization of the attacker-controlled --commit-hash input to block shell metacharacters from enabling command injection in the execSync git command.

SI-2 Flaw Remediation (prevent): Mandates timely identification, reporting, and patching of the command injection flaw by upgrading to Wrangler versions with proper input handling.

Least privilege (prevent): Enforces least privilege on CI/CD processes running wrangler pages deploy, limiting the damage potential of injected arbitrary shell commands.

MITRE ATT&CK Enterprise Techniques

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

T1059.004 Unix Shell (Execution)
Adversaries may abuse Unix shell commands and scripts for execution.

Why these techniques?

Command injection via the unsanitized --commit-hash parameter directly enables arbitrary Unix shell command execution (T1059.004) through the execSync/git invocation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Summary: A command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler.

Root cause: The commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution.

Impact: This vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to:
* Run any shell command.
* Exfiltrate environment variables.
* Compromise the CI runner to install backdoors or modify build artifacts.

Credits: Disclosed responsibly by kny4hacker.

Mitigation:
* Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher.
* Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher.
* Users on Wrangler v2 (EOL) should upgrade to a supported major version.

Deeper analysis

CVE-2026-0933 is a command injection vulnerability (CWE-78) in the `wrangler pages deploy` command of Wrangler, a component of the Cloudflare Workers SDK. The issue arises because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization. Specifically, the commitHash variable derived from this CLI argument is interpolated into a shell command using a template literal, such as execSync(`git show -s --format=%B ${commitHash}`), so shell metacharacters in the value are interpreted by the shell, enabling arbitrary command execution on the system running Wrangler.

Exploitation requires an attacker to control the `--commit-hash` parameter, which is generally difficult outside of specific scenarios. The vulnerability primarily impacts CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the parameter is populated from external, potentially untrusted sources, such as repository commits. A successful exploit allows the attacker to run any shell command, exfiltrate environment variables, or compromise the CI runner by installing backdoors or modifying build artifacts. The CVSS score is 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), reflecting high impact with network accessibility and low privileges required.

Advisories recommend upgrading to mitigate the vulnerability: Wrangler v4 users should update to v4.59.1 or higher, v3 users to v3.114.17 or higher, and v2 users (end-of-life) should migrate to a supported major version. Additional details are available in the Cloudflare Workers SDK repository at https://github.com/cloudflare/workers-sdk. The issue was disclosed responsibly by kny4hacker.

Details

CWE(s): CWE-20 (Improper Input Validation), CWE-78 (OS Command Injection)

Affected Products: cloudflare wrangler, versions 2.0.15 through those before 3.114.17 (fixed in 3.114.17) · 4.0.0 through those before 4.59.1 (fixed in 4.59.1)

CVEs Like This One

CVE-2024-56134 (shared CWE-20)
CVE-2026-2836 (same vendor: Cloudflare)
CVE-2026-2833 (same vendor: Cloudflare)
CVE-2026-2835 (same vendor: Cloudflare)
CVE-2025-0651 (same vendor: Cloudflare)
CVE-2026-1229 (same vendor: Cloudflare)
CVE-2025-30452 (shared CWE-20)
CVE-2026-34980 (shared CWE-20)
CVE-2026-22615 (shared CWE-20)
CVE-2024-56135 (shared CWE-20)
