Listen to this Post
The `createWebhook()` function in the Vercel Workflow DevKit (specifically the `@workflow/core` npm package) contains a vulnerability that allows attackers to guess webhook tokens and inject malicious data. The function accepts a user-specified `token` parameter that serves as the sole credential for the public webhook endpoint located at /.well-known/workflow/v1/webhook/{token}. Official documentation previously recommended using predictable token patterns (such as github_webhook:repo_name), which significantly weakened the security model. An unauthenticated remote attacker can exploit this by brute-forcing or guessing these predictable tokens. Once a valid token is discovered, the attacker can send crafted HTTP POST requests to the endpoint. These requests resume the associated workflow with an attacker-controlled HTTP request body, allowing arbitrary data injection. This injected payload can trigger downstream side effects within the workflow’s execution context, potentially leading to unauthorized API calls, database writes, or unintended deployments. The vulnerability affects all versions prior to the patch. The issue is rooted in allowing developer-provided tokens instead of enforcing system-generated, cryptographically secure ones. The flaw is classified as an Insecure Direct Object Reference (IDOR) vulnerability . Vercel addressed this by removing the custom token option entirely in the patched version, ensuring all webhook tokens are randomly generated using `nanoid` .
dailycve form:
Platform: Vercel Workflow DevKit
Version: <= 4.1.0-beta.63
Vulnerability : Predictable Webhook Tokens
Severity: Medium
date: 2026-03-06
Prediction: Patch 2026-03-06
What Undercode Say:
Analytics:
- CVSS Score: 7.5 (High)
- CWE: CWE-639 (Authorization Bypass through User-Controlled Key)
- Attack Vector: Network (Remote)
- Affected Component: `createWebhook()` function
- Fixed in Version: 4.2.0-beta.64
Commands:
Identify if your project uses the vulnerable pattern
grep -r "createWebhook({" --include=".js" --include=".ts" .
grep -r "token:" --include=".js" --include=".ts" .
Check the current version of @workflow/core in your project
npm list @workflow/core
Update to the patched version
npm install @workflow/[email protected]
Example of a vulnerable token pattern (DO NOT USE)
const webhook = await createWebhook({ token: "github_webhook:main-repo" });
Example of the secure default (random nanoid)
const webhook = await createWebhook(); // No token provided
Exploit:
An attacker could exploit this by first identifying common naming conventions used for tokens (e.g., project names, environment names, service names). They would then send a series of GET or POST requests to the public endpoint.
Conceptual exploit attempt (replace {guessed_token} with predictable values)
curl -X POST https://your-app.vercel.app/.well-known/workflow/v1/webhook/github_webhook:main-repo \
-H "Content-Type: application/json" \
-d '{"malicious": "payload"}'
curl -X POST https://your-app.vercel.app/.well-known/workflow/v1/webhook/stripe-prod \
-H "Content-Type: application/json" \
-d '{"action": "unauthorized_deployment"}'
A successful guess allows the attacker to resume the workflow with full control over the request body, leading to unauthorized actions.
Protection from this CVE:
- Immediate Upgrade: Update `@workflow/core` to version `4.2.0-beta.64` or later immediately .
- Restart Active Runs: Cancel any currently active workflow runs that were created with a vulnerable version and have open hooks. Restart them using the latest patched version .
- Alternative API: If an upgrade is not possible, switch from `createWebhook()` to `createHook()` and resume hooks programmatically using `resumeHook()` instead of using the public HTTP endpoint .
- Remove Custom Tokens: If you must use `createWebhook()` on an older version, do not pass a custom `token` parameter. Rely on the default random `nanoid` generation .
- Treat Inputs as Untrusted: Even with a fixed version, always validate and sanitize any data entering your workflows via webhooks .
Impact:
Successful exploitation allows an unauthenticated remote attacker to bypass authentication and execute unauthorized actions within the context of a workflow. This can lead to:
– Unauthorized API Calls: Triggering external API requests as if they were initiated by the application.
– Data Injection: Writing arbitrary or malicious data to databases.
– Unwanted Deployments: Initiating deployment processes if the workflow is tied to CI/CD pipelines.
– State Manipulation: Resuming workflows in an unintended manner, leading to corrupted application logic or state .
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow DailyCVE & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin
Defuddle, Cross-site Scripting (XSS), CVE-2024-XXXXX (Critical)
