CVE-2026-33530
Published: 26 March 2026
Summary
CVE-2026-33530 is a high-severity Exposure of Sensitive Information Through Data Queries (CWE-202) vulnerability in Inventree Project Inventree. Its CVSS base score is 7.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 10.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires validation of the filters parameter in bulk API endpoints to block unauthorized Django ORM field traversals and lookups, directly preventing blind boolean-based data exfiltration.
Mandates timely identification, reporting, and correction of the specific flaw in API endpoints lacking field allowlisting, as addressed by patches in InvenTree 1.2.6 and 1.3.0.
Enforces logical access controls in API endpoints to restrict low-privileged authenticated users from traversing model relationships and accessing sensitive database information.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vuln in public API endpoints (/api/part/, etc.) allows direct exploitation of the web app (T1190); crafted filters enable blind extraction of sensitive data from the backend database (T1005).
NVD Description
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, certain API endpoints associated with bulk data operations can be hijacked to exfiltrate sensitive information from the database. The bulk operation API endpoints (e.g. `/api/part/`, `/api/stock/`, `/api/order/so/allocation/`, and…
more
others) accept a filters parameter that is passed directly to Django's ORM queryset.filter(**filters) without any field allowlisting. This enables any authenticated user to traverse model relationships using Django's __ lookup syntax and perform blind boolean-based data extraction. This issue is patched in version 1.2.6, and 1.3.0 (or above). Users should update to the patched versions. No known workarounds are available.
Deeper analysisAI
CVE-2026-33530 affects InvenTree, an open source inventory management system, in versions prior to 1.2.6. The vulnerability arises in certain API endpoints for bulk data operations, such as `/api/part/`, `/api/stock/`, `/api/order/so/allocation/`, and others. These endpoints accept a `filters` parameter that is passed directly to Django's ORM `queryset.filter(**filters)` without field allowlisting, enabling traversal of model relationships via Django's `__` lookup syntax for blind boolean-based data extraction from the database. It is rated 7.7 on the CVSS 3.1 scale (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) and maps to CWE-202 (Observable Discrepancy).
Any authenticated user with low privileges can exploit this over the network with low complexity and no user interaction. By crafting malicious `filters` parameters, attackers can hijack bulk operation endpoints to exfiltrate sensitive database information across model relationships, achieving high confidentiality impact in a changed scope without affecting integrity or availability.
The issue is patched in InvenTree versions 1.2.6 and 1.3.0 or above; users should update to these versions. No known workarounds are available. Details are provided in the GitHub security advisory (GHSA-m8j2-vfmq-p6qg) and the patching pull request (#11581).
Details
- CWE(s)