CVE-2026-33620

{"id": "CVE-2026-33620", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2026-03-26T21:17:06.410", "references": [{"url": "https://github.com/pinchtab/pinchtab/releases/tag/v0.8.4", "tags": ["Product", "Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pinchtab/pinchtab/security/advisories/GHSA-mrqc-3276-74f8", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pinchtab/pinchtab/security/advisories/GHSA-mrqc-3276-74f8", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-598"}]}], "descriptions": [{"lang": "en", "value": "PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.7.8` through `v0.8.3` accepted the API token from a `token` URL query parameter in addition to the `Authorization` header. When a valid API credential is sent in the URL, it can be exposed through request URIs recorded by intermediaries or client-side tooling, such as reverse proxy access logs, browser history, shell history, clipboard history, and tracing systems that capture full URLs. This issue is an unsafe credential transport pattern rather than a direct authentication bypass. It only affects deployments where a token is configured and a client actually uses the query-parameter form. PinchTab's security guidance already recommended `Authorization: Bearer <token>`, but `v0.8.3` still accepted `?token=` and included first-party flows that generated and consumed URLs containing the token. This was addressed in v0.8.4 by removing query-string token authentication and requiring safer header- or session-based authentication flows."}, {"lang": "es", "value": "PinchTab es un servidor HTTP independiente que otorga a los agentes de IA control directo sobre un navegador Chrome. PinchTab 'v0.7.8' hasta 'v0.8.3' aceptaba el token de la API de un par\u00e1metro de consulta URL 'token' adem\u00e1s del encabezado 'Authorization'. Cuando una credencial de API v\u00e1lida se env\u00eda en la URL, puede ser expuesta a trav\u00e9s de URIs de solicitud registradas por intermediarios o herramientas del lado del cliente, como registros de acceso de proxy inverso, historial del navegador, historial de shell, historial del portapapeles y sistemas de rastreo que capturan URLs completas. Este problema es un patr\u00f3n de transporte de credenciales inseguro en lugar de una omisi\u00f3n de autenticaci\u00f3n directa. Solo afecta a las implementaciones donde se configura un token y un cliente realmente utiliza la forma de par\u00e1metro de consulta. La gu\u00eda de seguridad de PinchTab ya recomendaba 'Authorization: Bearer ', pero 'v0.8.3' a\u00fan aceptaba '?token=' e inclu\u00eda flujos de primera parte que generaban y consum\u00edan URLs que conten\u00edan el token. Esto se abord\u00f3 en v0.8.4 al eliminar la autenticaci\u00f3n de token en la cadena de consulta y al requerir flujos de autenticaci\u00f3n m\u00e1s seguros basados en encabezados o en la sesi\u00f3n."}], "lastModified": "2026-03-31T15:56:34.637", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pinchtab:pinchtab:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63622A95-2D68-404C-9E53-A6D65A4E8629", "versionEndExcluding": "0.8.4", "versionStartIncluding": "0.7.8"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}