CVE-2026-33620 Overview
CVE-2026-33620 is a sensitive data exposure vulnerability in PinchTab, a standalone HTTP server that enables AI agents to directly control a Chrome browser. The vulnerability stems from an unsafe credential transport pattern where the application accepted API tokens via URL query parameters (?token=) in addition to the recommended Authorization header. This design flaw can lead to credential exposure through various logging mechanisms and client-side tooling.
Critical Impact
API tokens passed via URL query parameters can be inadvertently exposed through reverse proxy access logs, browser history, shell history, clipboard history, and tracing systems that capture full URLs, potentially allowing unauthorized access to PinchTab-controlled browser sessions.
Affected Products
- PinchTab v0.7.8 through v0.8.3
Discovery Timeline
- 2026-03-26 - CVE CVE-2026-33620 published to NVD
- 2026-03-26 - Last updated in NVD database
Technical Details for CVE-2026-33620
Vulnerability Analysis
This vulnerability represents an information exposure issue classified under CWE-598 (Use of GET Request Method With Sensitive Query Strings). The core problem lies in PinchTab's acceptance of authentication tokens through URL query parameters, which violates security best practices for credential handling.
When API credentials are transmitted via URL query strings rather than secure headers, they become susceptible to exposure through multiple vectors. URLs are routinely logged by web servers, proxies, and load balancers. They appear in browser history, can be captured in clipboard operations, and may be recorded by various debugging and tracing tools. This creates numerous opportunities for credential leakage even in otherwise secure deployments.
The vulnerability requires user interaction to exploit—a valid token must be configured and a client must actually use the query-parameter authentication form. However, the risk is compounded by the fact that PinchTab included first-party flows that generated and consumed URLs containing tokens, potentially normalizing this insecure pattern for users.
Root Cause
The root cause of CVE-2026-33620 is the implementation of dual authentication pathways that accepted API tokens from both the Authorization header and the token URL query parameter. While PinchTab's security documentation recommended using Authorization: Bearer <token>, the application's acceptance of query parameter tokens—combined with first-party features that generated token-bearing URLs—created an unsafe credential transport pattern that could lead to inadvertent token exposure.
Attack Vector
The attack vector is network-based and requires user interaction. An attacker would need to gain access to systems or logs where URLs containing the API token have been recorded. Potential exposure points include:
Access to reverse proxy or web server logs that record full request URIs could reveal tokens. Browser history access on systems where administrators have used token-bearing URLs would expose credentials. Shell history files may contain curl commands or similar requests with tokens in the URL. Clipboard history applications could capture URLs copied for sharing or testing purposes. Application performance monitoring and tracing systems that log complete URLs would also retain sensitive credentials.
Once an attacker obtains a valid API token, they could potentially gain unauthorized control over PinchTab-managed browser sessions, depending on the deployment configuration.
Detection Methods for CVE-2026-33620
Indicators of Compromise
- Review web server, reverse proxy, and load balancer logs for requests containing ?token= query parameters to PinchTab endpoints
- Search browser history databases for URLs containing PinchTab token parameters
- Audit shell history files (.bash_history, .zsh_history) for commands with embedded tokens
Detection Strategies
- Implement log monitoring rules to alert on any requests to PinchTab endpoints containing token= in the query string
- Deploy web application firewalls (WAF) with rules to detect and block sensitive credentials in URL parameters
- Use SentinelOne's behavioral analysis to identify unusual access patterns to browser automation services
Monitoring Recommendations
- Enable audit logging for all PinchTab API access and monitor for authentication anomalies
- Configure alerts for API token usage from unexpected IP addresses or geographic locations
- Review application logs for any deprecated query-parameter authentication attempts after upgrading to v0.8.4
How to Mitigate CVE-2026-33620
Immediate Actions Required
- Upgrade PinchTab to v0.8.4 or later, which removes query-string token authentication entirely
- Rotate all existing API tokens that may have been exposed via URL query parameters
- Audit and purge logs, browser histories, and shell histories that may contain exposed tokens
- Review access logs to identify any potential unauthorized usage of leaked credentials
Patch Information
The vulnerability was addressed in PinchTab v0.8.4, which removes query-string token authentication and requires safer header- or session-based authentication flows. The fix ensures that tokens can only be transmitted via the secure Authorization: Bearer <token> header mechanism.
For detailed patch information, refer to the GitHub Release v0.8.4 and the GitHub Security Advisory GHSA-mrqc-3276-74f8.
Workarounds
- If immediate upgrade is not possible, ensure all clients exclusively use the Authorization: Bearer <token> header for authentication
- Configure reverse proxies to strip or reject requests containing token= query parameters
- Implement network-level access controls to limit PinchTab API exposure to trusted networks only
# Example: Configure nginx to reject requests with token query parameter
location /pinchtab/ {
if ($query_string ~* "token=") {
return 403;
}
proxy_pass http://pinchtab-backend;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
