Cyber Resilience

CVE-2026-33664

Severity: High · Public PoC available

Published: 26 March 2026
Modified: 31 March 2026
CISA KEV: not listed
Patch: none confirmed at time of publication
CVSS v3.1: 7.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)
EPSS: 0.0006 (19.6th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-33664 is a high-severity cross-site scripting vulnerability (CWE-79) in Kestra. Its CVSS v3.1 base score is 7.3 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique JavaScript (T1059.007). EPSS ranks it at the 19.6th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST SP 800-53 SI-15 (Information Output Filtering) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-33664 is a cross-site scripting (XSS) vulnerability (CWE-79) in Kestra, an open-source event-driven orchestration platform, affecting versions up to and including 1.3.3. User-supplied flow YAML metadata fields (description, inputs[].displayName and inputs[].description) are rendered through the Markdown.vue component with html: true, an option that lets raw HTML in the Markdown source pass through to the rendered output instead of being escaped. That output is then injected into the DOM with Vue's v-html directive, which bypasses Vue's default text escaping, so the HTML and any script it carries are interpreted by the browser without sanitization.

A flow author with low privileges (PR:L) can exploit this by embedding HTML that carries JavaScript in the affected YAML fields. When another user views the flow in the browser, the script runs in that user's session with that user's permissions in the Kestra UI. Because the payload is stored in the flow definition, it fires for every subsequent viewer, including users with higher privileges than the author. The attack is network-reachable with low complexity (AV:N/AC:L); the UI:R in the vector reflects only that a victim must open the flow, and the confidentiality and integrity impacts are high (C:H/I:H). For inputs[].displayName no further interaction is needed once the flow is displayed, which is why the advisory describes that field as zero-click.

The GitHub security advisory (GHSA-v2mc-8q95-g7hp) documents the issue and distinguishes it from CVE-2026-29082 (GHSA-r36c-83hm-pc8j), which affects a different component (FilePreview.vue), a different data source (.md files from execution outputs) and requires more user interaction. As of publication, it remains unclear whether a patch is available; until a fixed release is confirmed, the practical boundary is flow-authoring rights, since anyone who can save a flow can plant the payload.


Vulnerability details

Kestra is an open-source, event-driven orchestration platform. Versions up to and including 1.3.3 render user-supplied flow YAML metadata fields — description, inputs[].displayName, inputs[].description — through the Markdown.vue component instantiated with html: true. The resulting HTML is injected into the DOM via Vue's v-html without any sanitization. This allows a flow author to embed arbitrary JavaScript that executes in the browser of any user who views or interacts with the flow. This is distinct from GHSA-r36c-83hm-pc8j / CVE-2026-29082, which covers only FilePreview.vue rendering .md files from execution outputs. The present finding affects different components, different data sources, and requires significantly less user interaction (zero-click for input.displayName). As of time of publication, it is unclear if a patch is available.

CWE(s)

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1059.007 JavaScript (Execution): Adversaries may abuse various implementations of JavaScript for execution.
T1080 Taint Shared Content (Lateral Movement)
T1185 Browser Session Hijacking (Collection): Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user behaviors, and intercept information as part of various browser session hijacking techniques.
Why these techniques?

Stored XSS in shared flow YAML metadata directly enables tainting of content viewed by other users (T1080), arbitrary JavaScript execution in the browser (T1059.007), and session hijacking via stolen tokens/cookies (T1185).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-29082 (same product: Kestra)
CVE-2026-34612 (same product: Kestra)
CVE-2025-27279 (shared CWE-79)
CVE-2025-24541 (shared CWE-79)
CVE-2024-56036 (shared CWE-79)
CVE-2016-20032 (shared CWE-79)
CVE-2025-1401 (shared CWE-79)
CVE-2025-24416 (shared CWE-79)
CVE-2026-34566 (shared CWE-79)
CVE-2026-24744 (shared CWE-79)

Affected Assets

Kestra (vendor: Kestra), versions ≤ 1.3.3

Mitigating Controls (NIST SP 800-53 r5; AI-generated mapping)

SI-15 Information Output Filtering (prevent): Directly mitigates the XSS by requiring that user-supplied YAML metadata be filtered or sanitized before it is rendered via v-html into the browser DOM.

Input validation (prevent): Validates flow YAML metadata fields such as description and inputs[].displayName so that HTML or JavaScript payloads are rejected or escaped when the flow is saved. Because the payload is stored in the flow definition, validation on write does not cover flows saved before the check existed; filtering at render time covers both old and new flows.

SI-2 Flaw Remediation (prevent): Remediates the flaw in Markdown.vue by applying a fix that disables the unsafe html: true rendering and enforces sanitization of the output.
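The vulnerable and hardened rendering paths side by side, as an added example written for this page rather than Kestra's own code. The renderer below is a stand-in that models a markdown-it-style html option (Kestra's real Markdown.vue is not reproduced), the flow object stands in for parsed flow YAML with a constructed payload, and findActiveContent is a hypothetical helper for sweeping flows that are already stored. It covers the mechanism described under Deeper analysis and the output-filtering control listed under Mitigating Controls.

```javascript
// Added example, not Kestra's code. Models the two configurations the advisory
// contrasts: html:true (raw HTML passes through to v-html) versus escaping the
// source before Markdown rendering. The sample flow below is constructed.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => String(s).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);

// Tiny Markdown subset (bold and inline code), enough to show where the html
// option matters. With html:true the source is emitted verbatim, so any HTML the
// flow author wrote reaches the DOM; with html:false it is escaped first.
function renderMarkdown(src, { html = false } = {}) {
  const base = html ? String(src) : escapeHtml(src);
  return '<p>' +
    base.replace(/\*\*(.+?)\*\*/g, '<strong>$1</strong>')
        .replace(/`([^`]+)`/g, '<code>$1</code>') +
    '</p>';
}

// The fields the advisory names: description, inputs[].displayName, inputs[].description.
function metadataFields(flow) {
  const fields = [];
  if (flow.description != null) fields.push({ path: 'description', value: flow.description });
  (flow.inputs || []).forEach((input, i) => {
    if (input.displayName != null) fields.push({ path: `inputs[${i}].displayName`, value: input.displayName });
    if (input.description != null) fields.push({ path: `inputs[${i}].description`, value: input.description });
  });
  return fields;
}

// Render every metadata field the way a UI component would; returns {path: html}.
function renderFlowMetadata(flow, opts) {
  return Object.fromEntries(
    metadataFields(flow).map(({ path, value }) => [path, renderMarkdown(value, opts)]));
}

// Hypothetical triage helper for stored flows: flags metadata values whose raw
// source contains markup that can execute script once it reaches v-html. The
// pattern list is a heuristic for finding planted payloads, not an XSS filter.
const ACTIVE_CONTENT = /<script\b|<iframe\b|<svg\b|<object\b|<embed\b|\bon[a-z]+\s*=|javascript:/i;
function findActiveContent(flow) {
  return metadataFields(flow)
    .filter(({ value }) => ACTIVE_CONTENT.test(String(value)))
    .map(({ path }) => path);
}

// Constructed sample flow: a benign description plus a payload in inputs[0].displayName,
// the field the advisory calls zero-click because it renders as soon as the flow is viewed.
const sampleFlow = {
  id: 'nightly-report',
  namespace: 'team.analytics',
  description: 'Builds the **nightly** report',
  inputs: [
    { id: 'region', type: 'STRING', displayName: 'Region <img src=x onerror="alert(document.cookie)">' },
    { id: 'dryRun', type: 'BOOLEAN', description: 'Run without side effects' },
  ],
};

const vulnerable = renderFlowMetadata(sampleFlow, { html: true });   // the ≤ 1.3.3 behaviour
const hardened = renderFlowMetadata(sampleFlow, { html: false });    // escape before rendering

console.log(findActiveContent(sampleFlow));        // [ 'inputs[0].displayName' ]
console.log(vulnerable['inputs[0].displayName']);  // <p>Region <img src=x onerror="alert(document.cookie)"></p>
console.log(hardened['inputs[0].displayName']);    // <p>Region &lt;img src=x onerror=&quot;alert(document.cookie)&quot;&gt;</p>
```

Run with node. The vulnerable output is exactly what v-html would hand to the browser, and the img onerror fires on load with no click; the hardened output renders the payload as visible text. Escaping the source is the simplest fix for fields that only need light formatting; a deployment that genuinely needs HTML in descriptions would instead sanitize the rendered output with an allow-list sanitizer before it reaches v-html. The scan helper is for finding payloads already sitting in stored flows and does not replace either control.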
