CVE-2026-55411 - Vulnerability Details

- ToolJet: Cross-tenant credential decryption (IDOR) in POST /api/data-sources/decrypt — any authenticated user can decrypt any organization's data-source secrets

Description

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.1780-lts, the authenticated endpoint POST /api/data-sources/decrypt returns the decrypted plaintext for any credential whose credential_id is supplied in the request body. Unlike every neighbouring data-source route, this handler is not protected by ValidateDataSourceGuard, does not receive the calling @User(), and the underlying CredentialsService.getValue() looks the credential up by id only, with no organization scoping. As a result, any authenticated user of any organization can decrypt the data-source secrets of any other organization by supplying that organization's credential_id — a cross-tenant confidentiality breach. This vulnerability is fixed in 3.20.1780-lts.

Published: 2026-06-25

Score: 6.8 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The decrypted credential endpoint POST /api/data-sources/decrypt in ToolJet inadvertently exposes any credential's plaintext when a credential_id is supplied by a caller. Because the handler lacks organization scoping and fails to apply the ValidateDataSourceGuard, any authenticated user can retrieve the secrets of any other organization. This is an authorization bypass that results in cross‑tenant confidentiality exposure, classifying the flaw under CWE‑639 and CWE‑863.

Affected Systems

ToolJet deployments running a version prior to 3.20.1780‑lts are affected. The vulnerability is present in the open‑source ToolJet platform and all instances exposing the decryption endpoint are susceptible.

Risk and Exploitability

With a CVSS score of 6.8 the flaw is considered medium severity. The lack of an EPSS score and the absence from CISA's KEV catalog suggest that exploitation is not widely documented, but the attack remains possible for any legitimate user with access to a ToolJet installation—there is no additional privileged privilege required. The vulnerability enables direct theft of sensitive credentials across organizational boundaries, increasing the potential impact if attackers gain authenticated access within an organization.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

ToolJet

affected

Version	Status	Constraints
`< 3.20.1780-lts`	affected	—

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to ToolJet 3.20.1780‑lts or later to apply the security fix.
Restrict user permissions so that only trusted users can access the data‑source decryption endpoint, for example by revoking API roles or adjusting role‑based access control.
As a temporary containment measure, disable the /api/data-sources/decrypt route or shield it behind a network‑segmentation layer or API gateway until the patch is deployed.

Generated by OpenCVE AI on June 25, 2026 at 18:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/ToolJet/ToolJet/security/advisories/GHSA-x7qj-hfg8-p4cw

History

Thu, 25 Jun 2026 18:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 25 Jun 2026 16:45:00 +0000

Type	Values Removed	Values Added
Description		ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.1780-lts, the authenticated endpoint POST /api/data-sources/decrypt returns the decrypted plaintext for any credential whose credential_id is supplied in the request body. Unlike every neighbouring data-source route, this handler is not protected by ValidateDataSourceGuard, does not receive the calling @User(), and the underlying CredentialsService.getValue() looks the credential up by id only, with no organization scoping. As a result, any authenticated user of any organization can decrypt the data-source secrets of any other organization by supplying that organization's credential_id — a cross-tenant confidentiality breach. This vulnerability is fixed in 3.20.1780-lts.
Title		ToolJet: Cross-tenant credential decryption (IDOR) in POST /api/data-sources/decrypt — any authenticated user can decrypt any organization's data-source secrets
Weaknesses		CWE-639 CWE-863
References		https://github.com/ToolJet/ToolJet/security/advisories/GHSA-x7qj-hfg8-p4cw
Metrics		cvssV3_1 `{'score': 6.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-06-25T16:08:14.766Z

Updated: 2026-06-25T17:53:12.117Z

Reserved: 2026-06-16T21:48:43.125Z

Link: CVE-2026-55411

Vulnrichment

Updated: 2026-06-25T17:52:58.901Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T18:15:04Z

Weaknesses

CWE-639
Authorization Bypass Through User-Controlled Key
CWE-863
Incorrect Authorization

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object