CVE-2026-47125: Arcane Broken Access Control on Global Environment Variables (CVSS 8.8)
Arcane, a Docker container management interface, has a critical flaw in how it protects global environment variables. Any logged-in user—not just administrators—can modify system-wide configuration values that affect every containerized project. An attacker could inject malicious registry URLs, database credentials, or other secrets into these shared variables, poisoning deployments across the entire system. The vulnerability exists in versions prior to 1.19.2 and requires only basic authentication to exploit.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 8.8 HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-862
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-05-29 / 2026-06-17
NVD description (verbatim)
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/{id}/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin authorization check. Any authenticated non-admin user can call this endpoint with their bearer token or API key and overwrite the global environment variables that are merged into every project deployment. By overriding values like REGISTRY, IMAGE, DATABASE_URL, or SECRET_KEY that other users reference via ${VAR} in compose files, an attacker can redirect image pulls to attacker-controlled registries (supply-chain RCE on the Docker host), exfiltrate database credentials, or disrupt all projects. This vulnerability is fixed in 1.19.2.
1 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-47125 is a broken access control vulnerability in the PUT /api/environments/{id}/templates/variables endpoint. The endpoint manages the .env.global file, which serves as a centralized source for variable substitution across all Docker Compose projects via ${VAR} token replacement. The absence of administrative authorization checks (CWE-862) allows any authenticated user to overwrite global environment variables. Attackers can modify critical values such as REGISTRY, IMAGE, DATABASE_URL, and SECRET_KEY. When these variables are subsequently referenced in Compose files by other projects or users, the attacker-controlled values take precedence, enabling supply-chain attacks, credential theft, and service disruption. The vulnerability is remediated in version 1.19.2.
Business impact
This vulnerability creates a broad blast radius across containerized infrastructure. An attacker with basic user credentials can compromise all downstream deployments that depend on shared environment variables. Real-world consequences include: (1) supply-chain RCE if the attacker redirects image registry URLs to malicious registries, (2) credential exfiltration by modifying DATABASE_URL or other secret references, and (3) denial-of-service by corrupting configuration values relied upon by mission-critical projects. In multi-tenant or multi-team environments, a single compromised low-privilege account can destabilize operations for dozens of projects simultaneously. Recovery requires audit trails to identify the moment of tampering and rollback of affected deployments.
Affected systems
Arcane versions prior to 1.19.2 are affected. The vulnerability impacts any deployment where (1) multiple users or service accounts are provisioned with API access, (2) global environment variables are actively used for cross-project configuration (a common pattern for registry URLs, database endpoints, and secrets), and (3) lower-privileged users have legitimate API access. Organizations using Arcane in shared or multi-tenant scenarios are at highest risk.
Exploitability
Exploitation is straightforward and requires only low-level prerequisites. An attacker needs: (1) valid authentication credentials (a bearer token or API key for any non-admin user), (2) network access to the Arcane API, and (3) knowledge of which global variables are referenced in active Compose files. No interaction or special conditions are needed. The attack is trivial to execute via a simple HTTP PUT request. However, discovery of which variables are in use may require reconnaissance or prior knowledge of the environment. The CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) reflects high network accessibility, low attack complexity, and low privilege requirements, with confidentiality, integrity, and availability all severely impacted.
Remediation
Upgrade Arcane to version 1.19.2 or later. This patch introduces proper administrative authorization enforcement on the PUT /api/environments/{id}/templates/variables endpoint, restricting modifications to authenticated admin users only. Before upgrading, organizations should audit recent changes to global environment variables to identify any unauthorized modifications. After patching, implement additional controls: (1) enforce principle of least privilege by limiting API credentials to only necessary permissions, (2) enable audit logging and alerting on changes to global configuration, and (3) consider network segmentation to restrict which users can access the Arcane API.
Patch guidance
Apply Arcane version 1.19.2 as soon as feasible. The patch is a straightforward upgrade and should not require configuration changes or data migration. Test the upgrade in a non-production environment first to verify compatibility with your Docker Compose workflows. Once patched, verify that admin authorization checks are functioning by attempting a PUT request with a non-admin API key; the request should be rejected with a 403 Forbidden response. For organizations on versions substantially older than 1.19.2, check the release notes for any intermediate breaking changes or migration steps.
Detection guidance
Monitor Arcane logs and API audit trails for PUT requests to /api/environments/{id}/templates/variables, particularly those originating from non-admin user accounts. Correlate API modifications with subsequent changes in Docker image pull behavior or container startup logs. Look for evidence of: (1) unexpected changes to REGISTRY, DATABASE_URL, or other critical variables, (2) API requests from unfamiliar or low-privilege service accounts, (3) rapid or sequential modifications to global variables. If your Arcane deployment has API request logging, search for patterns like `PUT.*templates/variables` with response codes indicating modification success (200, 204). After detecting tampering, compare current .env.global content against a known-good baseline to identify malicious values. Organizations without detailed audit logging should prioritize enabling request logging immediately.
Why prioritize this
This vulnerability merits high-priority remediation despite not appearing on the CISA KEV list. The combination of low exploitation difficulty, broad blast radius, and potential for supply-chain compromise justifies urgent patching. In multi-user or multi-tenant Arcane deployments, the risk is near-critical. Even in single-team environments, the ability to inject malicious registry URLs represents a direct path to container-level RCE. The fix is straightforward and low-risk, making remediation both important and feasible.
Risk score, explained
The CVSS 3.1 score of 8.8 (HIGH) accurately reflects the severity. The score is driven by: (1) Network accessibility (AV:N) without authentication requirements beyond basic login, (2) low attack complexity (AC:L) requiring no special conditions, (3) privileges required only at the user level (PR:L), (4) no user interaction (UI:N), (5) unchanged scope (S:U) but with high impact across confidentiality (C:H), integrity (I:H), and availability (A:H). The only mitigating factor is that the attacker must already be authenticated, which prevents completely unauthenticated exploitation. However, this is often a weak barrier in environments where service accounts or contractor access is provisioned. The score appropriately places this vulnerability in the urgent-fix category.
Frequently asked questions
Can this vulnerability be exploited without a valid API key or bearer token?
No. The vulnerability requires authentication. An attacker must possess valid credentials for at least a non-admin user account. However, in many organizations, such credentials are provisioned to contractors, CI/CD systems, or service accounts, expanding the pool of potential attackers.
If we modify global environment variables, will it immediately affect all running containers?
Not all running containers immediately. Existing containers will continue using the old variable values unless they are redeployed. However, any new or restarted containers will pull the modified global variables from .env.global. An attacker might trigger a mass restart or wait for routine redeployments to maximize impact.
How can we identify if this vulnerability has been exploited in our environment?
Review your Arcane audit logs for any PUT requests to the /api/environments/{id}/templates/variables endpoint, especially from non-admin accounts. Compare your current .env.global file against backups or version control history to detect unauthorized changes. Look for unexpected modifications to REGISTRY, DATABASE_URL, SECRET_KEY, or other sensitive variables that may correlate with container deployment failures or unexpected image sources.
Is upgrading to 1.19.2 a breaking change?
According to the CVE description, version 1.19.2 is a patch release that adds authorization enforcement. Patch releases typically do not introduce breaking changes. However, verify the Arcane release notes for your specific version to confirm compatibility and any configuration adjustments needed in your environment.
This analysis is based on the CVE description and CVSS vector provided. Organizations should verify patch availability and compatibility against the official Arcane project repository and vendor advisories. Testing in a non-production environment is strongly recommended before deploying patches to production systems. This vulnerability is not currently tracked on the CISA KEV list, but that does not diminish its risk in affected environments. Exploit code and weaponized proofs-of-concept are not provided or endorsed; security research should be conducted responsibly and ethically. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Weaknesses (CWE)
Related vulnerabilities
- CVE-2018-25391HIGHHaPe PKH 1.1 Authorization Bypass – Unauthorized Record Deletion Vulnerability
- CVE-2025-26418HIGHAndroid CarDevicePolicyService Privilege Escalation (CVSS 7.8)
- CVE-2025-53345HIGHThimPress Thim Core Missing Authorization Leads to Code Execution
- CVE-2026-10737HIGHWordPress SP Project & Document Manager Unauthenticated File Access Vulnerability
- CVE-2026-31942HIGHLibreChat IDOR Vulnerability Allows Unauthorized API Key Manipulation
- CVE-2026-32905HIGHOpenClaw Device-Pair Authorization Bypass (CVSS 8.3)
- CVE-2026-35630HIGHOpenClaw Authorization Bypass in QQBot Approval Buttons
- CVE-2026-42669HIGHEventPrime Missing Authorization Vulnerability (CVSS 7.5)