Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-hshv-6wjm-sfg6
Vulnerability ID VCID-hshv-6wjm-sfg6
Aliases CVE-2026-22033
GHSA-2mq9-hm29-8qch
Summary Label Studio is vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field A persistent stored cross-site scripting (XSS) vulnerability exists in the custom_hotkeys functionality of the application. An authenticated attacker (or one who can trick a user/administrator into updating their custom_hotkeys) can inject JavaScript code that executes in other users’ browsers when those users load any page using the `templates/base.html` template. Because the application exposes an API token endpoint (`/api/current-user/token`) to the browser and lacks robust CSRF protection on some API endpoints, the injected script may fetch the victim’s API token or call token reset endpoints — enabling full account takeover and unauthorized API access. This vulnerability is of critical severity due to the broad impact, minimal requirements for exploitation (authenticated user), and the ability to escalate privileges to full account compromise.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (5)
CWE-285 Improper Authorization
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-284 Improper Access Control
System Score Found at
epss 0.00014 https://api.first.org/data/v1/epss?cve=CVE-2026-22033
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-2mq9-hm29-8qch
cvssv4 8.6 https://github.com/HumanSignal/label-studio
generic_textual HIGH https://github.com/HumanSignal/label-studio
cvssv4 8.6 https://github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505
generic_textual HIGH https://github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505
ssvc Track https://github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505
cvssv4 8.6 https://github.com/HumanSignal/label-studio/pull/9084
generic_textual HIGH https://github.com/HumanSignal/label-studio/pull/9084
ssvc Track https://github.com/HumanSignal/label-studio/pull/9084
cvssv4 8.6 https://github.com/HumanSignal/label-studio/releases/tag/nightly
generic_textual HIGH https://github.com/HumanSignal/label-studio/releases/tag/nightly
cvssv3.1_qr HIGH https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
cvssv4 8.6 https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
generic_textual HIGH https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
ssvc Track https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
cvssv4 8.6 https://nvd.nist.gov/vuln/detail/CVE-2026-22033
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2026-22033
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-22033
https://github.com/HumanSignal/label-studio
https://github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505
https://github.com/HumanSignal/label-studio/pull/9084
https://github.com/HumanSignal/label-studio/releases/tag/nightly
CVE-2026-22033 https://nvd.nist.gov/vuln/detail/CVE-2026-22033
GHSA-2mq9-hm29-8qch https://github.com/advisories/GHSA-2mq9-hm29-8qch
GHSA-2mq9-hm29-8qch https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
No exploits are available.
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Found at https://github.com/HumanSignal/label-studio
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Found at https://github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:10:50Z/ Found at https://github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Found at https://github.com/HumanSignal/label-studio/pull/9084
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:10:50Z/ Found at https://github.com/HumanSignal/label-studio/pull/9084
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Found at https://github.com/HumanSignal/label-studio/releases/tag/nightly
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Found at https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-12T18:10:50Z/ Found at https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Found at https://nvd.nist.gov/vuln/detail/CVE-2026-22033
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.02737
EPSS Score 0.00014
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-02T04:49:28.551500+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/label-studio/CVE-2026-22033.yml 38.6.0