CVE-2026-44883: Portainer JWT Token Leakage via URL Query Parameters
Portainer Community Edition versions between 2.33.0 and 2.33.7, 2.39.1, and 2.40.x contain a flaw in how they handle authentication tokens. The platform accepts JWT authentication tokens passed as URL query parameters (e.g., ?token=<JWT>) alongside the standard Authorization header. Because URLs are logged in reverse-proxy access logs, browser history, and Referer headers, tokens transmitted this way can be intercepted by anyone with access to those logs or by downstream websites users visit. Any leaked token provides complete access to the user's account for up to 8 hours (or longer if expiration is customized). This particularly affects users with container exec or attach permissions, not just administrators.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-598
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-05-28 / 2026-06-17
NVD description (verbatim)
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer's authentication middleware accepts JWT bearer tokens passed as the ?token=<JWT> URL query parameter on any authenticated API endpoint, in addition to the standard Authorization: Bearer header. URLs are recorded in reverse-proxy access logs, browser history, and HTTP Referer headers on outbound navigation, so any JWT passed this way can be harvested by anyone with access to those logs or by an external site the user subsequently visits. A leaked token grants the full privileges of the user it was issued to, until the token expires (default 8 hours, configurable). The ?token= parameter was used by Portainer's browser-based container attach, exec, and pod shell features, so any user with exec or attach rights on a container was exposed — not only administrators. This vulnerability is fixed in 2.33.8, 2.39.2, and 2.41.0.
2 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability stems from Portainer's authentication middleware accepting JWT bearer tokens via URL query parameters on any authenticated API endpoint. This design choice violates the principle that sensitive credentials should never appear in URLs, which are inherently logged and transmitted across multiple security boundaries. The browser-based container attach, exec, and pod shell features relied on this mechanism for interactive sessions. When a token reaches a reverse proxy, it is logged in plaintext. When a user navigates to an external site, the token-containing URL is passed in the HTTP Referer header. The CVSS 3.1 vector (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) reflects network-accessible attack surface, high attack complexity due to the required user interaction and reliance on log/header exposure, and high impact on confidentiality, integrity, and availability once a token is obtained. CWE-598 (Use of GET Request with Sensitive Query Strings) directly classifies this anti-pattern.
Business impact
Compromise of a Portainer user's JWT token grants attackers full administrative or delegated permissions within the container platform. An attacker with a leaked token can deploy malicious workloads, exfiltrate containerized application data, pivot to underlying infrastructure, or disrupt service availability. Because many Portainer deployments manage production Kubernetes or Docker Swarm clusters, token compromise can lead to data breaches, supply-chain attacks via container image manipulation, and operational downtime. Token expiration of 8 hours by default means a leaked token poses risk for a significant window. Organizations relying on Portainer for multi-tenant access control face privilege escalation risk if lower-privileged users' tokens are harvested.
Affected systems
Portainer Community Edition versions 2.33.0 through 2.33.7, 2.39.x before 2.39.2, and 2.40.x are affected. The flaw exists in any version between those ranges. Versions 2.33.8, 2.39.2, and 2.41.0 and later contain fixes. Users should verify their exact installed version via the Portainer UI or CLI. Organizations running Portainer in air-gapped or private environments still face risk if reverse-proxy logs or browser history are accessible to internal attackers or if users receive phishing emails redirecting to external sites after visiting Portainer.
Exploitability
Exploiting this vulnerability requires that a JWT token be leaked—either through reverse-proxy access logs, browser history, or Referer header leakage to an external site. The attack does not require Portainer code execution or credential brute-forcing. However, the attacker must have some means to observe or intercept URLs, which is why the CVSS assigns 'High' attack complexity. The exposure is highest in environments where: (1) reverse-proxy or load-balancer logs are insufficiently restricted, (2) users access Portainer and then browse untrusted external sites, or (3) multiple teams or contractors share access to log aggregation systems. No active CVE exploitation campaigns have been confirmed in public sources, but the simplicity of token extraction from logs makes opportunistic exploitation likely if logs are compromised.
Remediation
Immediately upgrade Portainer Community Edition to version 2.33.8, 2.39.2, 2.41.0, or later. Patch releases remove the ?token= query parameter support and enforce JWT transmission only via the Authorization header, preventing token leakage through URLs and logs. As an interim mitigation (if immediate patching is not feasible), restrict access to reverse-proxy and load-balancer logs, and advise users to avoid external browsing immediately after Portainer sessions. Review and invalidate any tokens that may have appeared in logs. Consider shortening token expiration times in Portainer configuration if supported by your version.
Patch guidance
Consult the official Portainer Community Edition release notes and security advisories for exact patch version numbers and release dates. Portainer is typically deployed via Docker containers; patching involves updating the container image to the fixed version and restarting the Portainer service. No data migration or configuration changes are required for the security fix. Test patched versions in a non-production environment first to confirm compatibility with your deployment model (Docker Compose, Kubernetes Helm chart, or binary). Verify that the ?token= parameter is no longer accepted after patching by testing with a known token; the API should reject it.
Detection guidance
Monitor reverse-proxy and API gateway logs for the presence of ?token= parameters in Portainer API request URLs. Any occurrence indicates potential token transmission via URL. Audit log retention policies to ensure logs containing sensitive URLs are purged regularly and stored securely. Use SIEM or log analysis tools to alert on patterns such as the same token value appearing in multiple log sources or logs accessed from unexpected users. Check Portainer audit logs (if available) for tokens issued and invalidate them if they appear in external logs. In Kubernetes environments, review RBAC policies for Portainer service accounts and consider restricting Referer header propagation at the ingress controller level to prevent token leakage to external sites.
Why prioritize this
This vulnerability merits prioritization because token compromise grants full platform access for 8 hours or longer, affecting not just administrators but any user with container exec or attach permissions. The attack surface is broad (any authenticated API endpoint) and exploitation requires only log access, not sophisticated techniques. Given Portainer's role as a central management platform for containerized infrastructure, compromise can cascade to underlying applications and data. The CVSS 7.5 (HIGH) score and the relative simplicity of token harvesting from logs justify urgent patching, especially for organizations managing production workloads.
Risk score, explained
The CVSS 3.1 score of 7.5 (HIGH) reflects: (1) Network-accessible attack vector (any user who causes a token to be logged can be targeted), (2) High attack complexity due to the requirement that tokens leak via logs, browser history, or Referer headers rather than direct exploitation, (3) User interaction required (users must navigate the platform and subsequently visit external sites or an attacker must access logs), (4) High impact across confidentiality (token grants full account access), integrity (attackers can modify deployments), and availability (attackers can disrupt services). The score does not assume widespread active exploitation; if the vulnerability is actively exploited in the wild post-disclosure, risk perception should be elevated to CRITICAL.
Frequently asked questions
If we upgrade to a fixed version, do existing tokens remain valid?
Yes. The patch removes support for ?token= in URLs but does not invalidate existing tokens. Tokens issued before the patch remain valid until their natural expiration. If you suspect tokens have been leaked, use Portainer's token management features to manually revoke them, or reduce the default 8-hour expiration window for new tokens.
Do organizations not using container attach/exec features face this risk?
Yes. The vulnerability affects any authenticated API endpoint, not just container attach and shell features. Any admin or user who generates a token and that token appears in a log or Referer header is at risk, regardless of which Portainer features they use.
Can we mitigate this without upgrading immediately?
Temporary mitigations include restricting access to reverse-proxy logs, advising users to avoid external browsing after Portainer sessions, and shortening token expiration times if your Portainer version supports it. However, these do not eliminate the vulnerability. A full fix requires upgrading to a patched version.
Does this affect Portainer Business Edition?
This advisory addresses Portainer Community Edition specifically. Check the vendor security advisory or your Portainer subscription support channel to determine if Business Edition versions are affected and what fixed versions are available.
This analysis is provided for informational purposes to support vulnerability assessment and remediation planning. The details herein reflect publicly available information and the CVE record as of the analysis date. Readers should verify patch availability and compatibility with their specific Portainer deployment before implementing changes. Consult the official Portainer security advisories and your vendor support channel for authoritative guidance. SEC.co does not provide legal, compliance, or operational guarantees; organizations remain responsible for assessing risk and implementing controls appropriate to their environment. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10078LOWQuay GitLab OAuth Credentials Leaked in Plaintext Query Parameters
- CVE-2026-44848HIGHPortainer Plugin Management RBAC Bypass – Privilege Escalation in Community Edition
- CVE-2026-44849HIGHPortainer EndpointSecuritySettings Bypass via Docker Swarm API
- CVE-2026-44850HIGHPortainer Bind Mount Restriction Bypass – HIGH Severity Security Flaw
- CVE-2026-44882HIGHPortainer Kubernetes Authorization Bypass Vulnerability
- CVE-2026-44884MEDIUMPortainer Custom Template Information Disclosure Vulnerability
- CVE-2026-44885MEDIUMPortainer Directory Traversal in Backup Restore (2.33.0–2.33.7)
- CVE-2018-25382HIGHZechat 1.5 SQL Injection Vulnerability – Unauthenticated Database Access