PT-2026-28572 · Unknown · Handlebars

Evanj2357 · Published 2026-03-27 · Updated 2026-06-04 · CVE-2026-33940

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Handlebars versions 4.0.0 through 4.7.8

Description: Handlebars allows users to build semantic templates. A crafted object placed in the template context can bypass the conditional guards in the resolvePartial() function, causing invokePartial() to return undefined. The Handlebars runtime then treats the unresolved partial as a source for compilation and passes the crafted object to env.compile(). Because the object is a valid Handlebars AST containing injected code, the generated JavaScript executes arbitrary commands on the server. The attack requires control over a value returned by a dynamic partial lookup. The vulnerable code path spans two functions: resolvePartial() and invokePartial(). resolvePartial() returns the crafted object itself, and invokePartial() then calls env.compile() with the crafted AST object. This enables Remote Code Execution in server-side rendering scenarios where templates process user-supplied context data. A proof of concept demonstrates the exploitation using a crafted object with call: true to bypass the primary branch condition in resolvePartial().

Recommendations: Use the runtime-only build (require('handlebars/runtime')). Sanitize context data before rendering to ensure no non-primitive object is passed to a dynamic partial. Avoid dynamic partial lookups ({{> (lookup ...)}}) when context data is user-controlled.
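The second recommendation in practice, as an added example that is not code from the advisory or from the Handlebars project: every context value that selects a dynamic partial is checked against an allowlist of registered partial names, and anything that is not a primitive string naming one of them is nulled out before the context reaches the renderer. The names REGISTERED_PARTIALS, safePartialName and sanitizePartialSelectors, and the sample contexts, are assumptions made for this example.

```javascript
// Added example, not code from the advisory or the Handlebars project. It applies
// the advisory's recommendation to sanitize context data: a value that selects a
// dynamic partial must be a primitive string naming a registered partial.

const REGISTERED_PARTIALS = new Set(["header", "footer", "userCard"]); // assumed allowlist

// Return a registered partial name, or null when the value is not a primitive
// string on the allowlist. Objects never pass, so an AST-shaped object (the
// advisory's PoC uses one carrying `call: true`) cannot reach env.compile().
function safePartialName(value, registered = REGISTERED_PARTIALS) {
  return typeof value === "string" && registered.has(value) ? value : null;
}

// Read a dotted path such as "user.cardType" from a context object.
function getPath(obj, path) {
  return path.split(".").reduce((o, k) => (o !== null && typeof o === "object" ? o[k] : undefined), obj);
}

// Write a dotted path, creating intermediate objects when they are missing.
function setPath(obj, path, value) {
  const keys = path.split(".");
  let cur = obj;
  for (const k of keys.slice(0, -1)) {
    if (cur[k] === null || typeof cur[k] !== "object") cur[k] = {};
    cur = cur[k];
  }
  cur[keys[keys.length - 1]] = value;
}

// Deep-copy the context (JSON round-trip, so functions are dropped as well) and
// null out every selector path whose value is not a registered partial name.
// Returns the clean context plus the rejected paths, for logging and alerting.
function sanitizePartialSelectors(context, selectorPaths, registered = REGISTERED_PARTIALS) {
  const clean = JSON.parse(JSON.stringify(context));
  const rejected = [];
  for (const path of selectorPaths) {
    const raw = getPath(clean, path);
    if (safePartialName(raw, registered) === null) {
      rejected.push({ path, receivedType: raw === null ? "null" : typeof raw });
      setPath(clean, path, null);
    }
  }
  return { context: clean, rejected };
}

// Constructed sample contexts (not from the advisory): a benign one and one that
// carries an object where a partial name is expected.
const BENIGN_CONTEXT = { layout: "header", user: { cardType: "userCard" } };
const HOSTILE_CONTEXT = { layout: "header", user: { cardType: { call: true } } };
```

A non-empty `rejected` list is the signal to log and alert on, since a non-string value arriving at a partial selector is exactly the condition the advisory describes.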

Exploit · Fix · Code Injection · Type Confusion


Weakness Enumeration

Related Identifiers

CVE-2026-33940
GHSA-XHPV-HC6G-R9C6

Affected Products

Handlebars