Description
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.7.8` through `v0.8.3` accepted the API token from a `token` URL query parameter in addition to the `Authorization` header. When a valid API credential is sent in the URL, it can be exposed through request URIs recorded by intermediaries or client-side tooling, such as reverse proxy access logs, browser history, shell history, clipboard history, and tracing systems that capture full URLs. This issue is an unsafe credential transport pattern rather than a direct authentication bypass. It only affects deployments where a token is configured and a client actually uses the query-parameter form. PinchTab's security guidance already recommended `Authorization: Bearer <token>`, but `v0.8.3` still accepted `?token=` and included first-party flows that generated and consumed URLs containing the token. This was addressed in v0.8.4 by removing query-string token authentication and requiring safer header- or session-based authentication flows.
Published: 2026-03-26
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Bearer token exposed in URL and could be logged or leaked
Action: Patch
AI Analysis

Impact

PinchTab versions 0.7.8 through 0.8.3 accepted API tokens via a query parameter named token in addition to the recommended Authorization header. When a token is passed in this way the full request URL, which contains the bearer token, can be written to logs, stored in browser history, captured by shell history, or transmitted to other systems that record entire URLs. This exposes bearer credentials to anyone who can read these logs or history entries, providing a pathway for credential theft. The weakness corresponds to CWE-598, an unsafe credential transport pattern. No direct authentication bypass occurs, but the confidentiality of the token is compromised.

Affected Systems

The affected product is PinchTab, a standalone HTTP server that gives AI agents control over a Chrome browser. The vulnerability exists in releases from version 0.7.8 up to, but not including, version 0.8.4. Deployments that have token authentication enabled and use the query‑parameter form are impacted. PinchTab’s own security guidance recommended using the Authorization bearer header, and the vendor removed query‑string token authentication in v0.8.4.

Risk and Exploitability

The CVSS score of 4.3 indicates moderate impact, mainly to confidentiality. The EPSS score is below 1%, suggesting a low probability of mass exploitation at present, and the issue is not listed in the CISA KEV catalog. Exploitation requires the attacker to either intercept network traffic or gain read access to the environment where request URLs are logged or stored. Because the token travels in the request URL, an adversary could obtain it from logs, browser history, or shell history if they can read those files or processes. The risk is therefore limited to environments where the query‑parameter form is in use and logs are accessible to potential attackers. The vendor’s fix in v0.8.4 eliminates this credential leakage path.

Generated by OpenCVE AI on March 31, 2026 at 17:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update PinchTab to version 0.8.4 or later to remove query‑string token authentication.
  • Verify that no older versions are running in the environment.
  • Review and purge any logs, browser history, or shell history that may contain URLs with revealed tokens.
  • Rotate or revoke any API tokens that may have been exposed.
  • Ensure future deployments enforce bearer header or session‑based authentication only.

Generated by OpenCVE AI on March 31, 2026 at 17:35 UTC.
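As an added illustration (not PinchTab's own code), the query-parameter acceptance described in the advisory beside the header-only form that v0.8.4 moved to, plus a scan over constructed access log lines to support the purge-and-rotate step in the recommended actions. `extract_token_vulnerable`, `extract_token_fixed`, `find_token_leaks` and the sample log are all assumptions for this example.

```python
import hashlib
import re
from urllib.parse import parse_qs, urlsplit


def extract_token_vulnerable(headers, url):
    """Pre-0.8.4 pattern (hypothetical stand-in): header first, then ?token=."""
    auth = headers.get("Authorization", "")
    if auth.startswith("Bearer "):
        return auth[len("Bearer "):]
    # Falling back to the query string is what puts the secret into URL logs.
    return parse_qs(urlsplit(url).query).get("token", [None])[0]


def extract_token_fixed(headers, url):
    """Hardened form in the spirit of v0.8.4: the query string is never consulted."""
    auth = headers.get("Authorization", "")
    if auth.startswith("Bearer "):
        return auth[len("Bearer "):]
    return None


# Constructed nginx-style access log lines; not real PinchTab traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [26/Mar/2026:10:00:01 +0000] "GET /tabs?token=sk_live_abc123 HTTP/1.1" 200 512
10.0.0.5 - - [26/Mar/2026:10:00:02 +0000] "GET /tabs HTTP/1.1" 200 512
10.0.0.7 - - [26/Mar/2026:10:00:03 +0000] "POST /navigate?url=https%3A%2F%2Fexample.com&token=sk_live_abc123 HTTP/1.1" 200 17
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|PUT|PATCH|DELETE) (\S+) HTTP/')


def find_token_leaks(log_text):
    """Return (line_no, path, fingerprint) for every request URI carrying ?token=.

    The fingerprint is a truncated SHA-256 so the audit report does not repeat
    the secret; equal fingerprints mean the same token leaked more than once.
    """
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group(1))
        tokens = parse_qs(parts.query).get("token")
        if tokens:
            fingerprint = hashlib.sha256(tokens[0].encode()).hexdigest()[:12]
            hits.append((line_no, parts.path, fingerprint))
    return hits


if __name__ == "__main__":
    for line_no, path, fp in find_token_leaks(SAMPLE_LOG):
        print(f"line {line_no}: {path} carried a token (sha256 {fp}); rotate it")
```

Run the scanner over reverse-proxy access logs before purging them so every distinct fingerprint maps to a token that must be rotated.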

Advisories
Source: GitHub GHSA
ID: GHSA-mrqc-3276-74f8
Title: PinchTab: API Bearer Token Exposed in URL Query Parameter via Server Logs and Intermediary Systems
History

Tue, 31 Mar 2026 16:00:00 +0000

Type: CPEs
Values Added: cpe:2.3:a:pinchtab:pinchtab:*:*:*:*:*:*:*:*

Mon, 30 Mar 2026 16:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 27 Mar 2026 08:45:00 +0000

Type: First Time appeared
Values Added: Pinchtab; Pinchtab pinchtab
Type: Vendors & Products
Values Added: Pinchtab; Pinchtab pinchtab

Thu, 26 Mar 2026 21:00:00 +0000

Type: Description
Values Added: PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.7.8` through `v0.8.3` accepted the API token from a `token` URL query parameter in addition to the `Authorization` header. When a valid API credential is sent in the URL, it can be exposed through request URIs recorded by intermediaries or client-side tooling, such as reverse proxy access logs, browser history, shell history, clipboard history, and tracing systems that capture full URLs. This issue is an unsafe credential transport pattern rather than a direct authentication bypass. It only affects deployments where a token is configured and a client actually uses the query-parameter form. PinchTab's security guidance already recommended `Authorization: Bearer <token>`, but `v0.8.3` still accepted `?token=` and included first-party flows that generated and consumed URLs containing the token. This was addressed in v0.8.4 by removing query-string token authentication and requiring safer header- or session-based authentication flows.
Type: Title
Values Added: PinchTab: API Bearer Token Exposed in URL Query Parameter via Server Logs and Intermediary Systems
Type: Weaknesses
Values Added: CWE-598
Type: References
Type: Metrics (cvssV3_1)
Values Added: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-30T14:54:23.611Z

Reserved: 2026-03-23T14:24:11.616Z

Link: CVE-2026-33620

Vulnrichment

Updated: 2026-03-30T14:43:53.941Z

NVD

Status : Analyzed

Published: 2026-03-26T21:17:06.410

Modified: 2026-03-31T15:56:34.637

Link: CVE-2026-33620

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-31T20:08:40Z

Weaknesses