{"id":"EEF-CVE-2026-55736","summary":"Private action arguments can be set by user input in Ash","details":"## Summary\n\nAn Improperly Controlled Modification of Dynamically-Determined Object Attributes (CWE-915) vulnerability in ash-project ash allows an end user to set the value of a private action argument that is intended to be controlled only by trusted server-side code.\n\nAction arguments declared with `public?: false` are meant to be set internally (for example via `Ash.Changeset.set_private_argument/3`) and must never be settable from end-user input. When a changeset is built from a parameter map, Ash is supposed to drop private arguments, but the filtering is incomplete in two places:\n\n- In the regular changeset path (`Ash.Changeset.for_create/3`, `for_update/3`, `for_destroy/3`), private arguments are stripped only when the parameter key is an atom. When the key is a binary (string), which is the form user-supplied parameters normally arrive in (Phoenix controller params, decoded JSON bodies), the private argument is kept and the user controls its value.\n- In the atomic path (`Ash.Changeset.fully_atomic_changeset/4`, also reached through atomic and bulk updates), private arguments are not stripped at all, regardless of whether the key is an atom or a binary.\n\nAn attacker who can submit parameters to an action that defines a private argument can therefore inject a value for that argument. Depending on how the application uses the argument (for example an `acting_user_id` that drives authorization or record ownership), this can lead to an integrity violation or privilege escalation.\n\nThis issue affects ash from 3.0.0 before 3.29.3. Upgrade to 3.29.3 or later; the fix is commit d9b3100219b3ea86d73202bf7368c03a7688efea.\n\n## Configuration\n\nAn application is affected when an action declares a private argument (one defined with `public?: false`) whose value is meant to be set only by trusted server-side code, and the application builds the changeset from untrusted user-supplied parameters, passing them straight into `Ash.Changeset.for_create/3`, `for_update/3` or `for_destroy/3`, or into an atomic or bulk update. An application that strips the private argument's key from user-supplied parameters before they reach Ash is not exposed on that path.","aliases":["CVE-2026-55736","GHSA-f4hc-ppw9-4hhw"],"modified":"2026-06-23T18:26:36.424761717Z","published":"2026-06-23T18:21:13.033Z","database_specific":{"cpe_ids":["cpe:2.3:a:ash-project:ash:*:*:*:*:*:*:*:*"],"capec_ids":["CAPEC-77"],"cwe_ids":["CWE-915"]},"references":[{"type":"ADVISORY","url":"https://github.com/ash-project/ash/security/advisories/GHSA-f4hc-ppw9-4hhw"},{"type":"WEB","url":"https://cna.erlef.org/cves/CVE-2026-55736.html"},{"type":"FIX","url":"https://github.com/ash-project/ash/commit/d9b3100219b3ea86d73202bf7368c03a7688efea"},{"type":"PACKAGE","url":"https://hex.pm/packages/ash"}],"affected":[{"package":{"name":"ash","ecosystem":"Hex","purl":"pkg:hex/ash"},"ranges":[{"type":"SEMVER","events":[{"introduced":"3.0.0"},{"fixed":"3.29.3"}]}],"versions":["3.0.0","3.0.1","3.0.10","3.0.11","3.0.12","3.0.13","3.0.14","3.0.15","3.0.16","3.0.2","3.0.3","3.0.4","3.0.5","3.0.6","3.0.7","3.0.8","3.0.9","3.1.0","3.1.1","3.1.2","3.1.3","3.1.4","3.1.5","3.1.6","3.1.7","3.1.8","3.10.0","3.10.1","3.11.0","3.11.1","3.11.2","3.11.3","3.12.0","3.13.0","3.13.1","3.13.2","3.14.0","3.14.1","3.15.0","3.16.0","3.17.0","3.17.1","3.18.0","3.19.0","3.19.1","3.19.2","3.19.3","3.2.0","3.2.1","3.2.2","3.2.3","3.2.4","3.2.5","3.2.6","3.20.0","3.21.0","3.21.1","3.21.2","3.21.3","3.22.0","3.22.1","3.22.2","3.23.0","3.23.1","3.24.0","3.24.1","3.24.2","3.24.3","3.24.4","3.24.5","3.24.6","3.24.7","3.25.0","3.25.1","3.25.2","3.26.0","3.27.0","3.27.1","3.27.2","3.27.3","3.27.4","3.27.5","3.27.6","3.27.7","3.27.8","3.28.0","3.29.0","3.29.1","3.29.2","3.3.0","3.3.1","3.3.2","3.3.3","3.4.0","3.4.1","3.4.10","3.4.11","3.4.12","3.4.13","3.4.14","3.4.15","3.4.16","3.4.17","3.4.18","3.4.19","3.4.2","3.4.20","3.4.21","3.4.22","3.4.23","3.4.24","3.4.25","3.4.26","3.4.27","3.4.28","3.4.29","3.4.3","3.4.30","3.4.31","3.4.32","3.4.33","3.4.34","3.4.35","3.4.36","3.4.37","3.4.38","3.4.39","3.4.4","3.4.40","3.4.41","3.4.42","3.4.43","3.4.44","3.4.45","3.4.46","3.4.47","3.4.48","3.4.49","3.4.5","3.4.50","3.4.51","3.4.52","3.4.53","3.4.54","3.4.55","3.4.56","3.4.57","3.4.58","3.4.59","3.4.6","3.4.60","3.4.61","3.4.62","3.4.63","3.4.64","3.4.65","3.4.66","3.4.67","3.4.68","3.4.69","3.4.7","3.4.70","3.4.71","3.4.72","3.4.73","3.4.74","3.4.8","3.4.9","3.5.0","3.5.1","3.5.10","3.5.11","3.5.12","3.5.13","3.5.14","3.5.15","3.5.16","3.5.17","3.5.18","3.5.19","3.5.2","3.5.20","3.5.21","3.5.22","3.5.23","3.5.24","3.5.25","3.5.26","3.5.27","3.5.28","3.5.29","3.5.3","3.5.30","3.5.31","3.5.32","3.5.33","3.5.34","3.5.35","3.5.36","3.5.37","3.5.38","3.5.39","3.5.4","3.5.40","3.5.41","3.5.42","3.5.43","3.5.5","3.5.6","3.5.7","3.5.8","3.5.9","3.6.0","3.6.1","3.6.2","3.6.3","3.7.0","3.7.1","3.7.2","3.7.3","3.7.4","3.7.5","3.7.6","3.8.0","3.9.0"],"database_specific":{"source":"https://cna.erlef.org/osv/EEF-CVE-2026-55736.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/ash-project/ash","events":[{"introduced":"5967ed3a483ab949866e6d7b043b043e61703f17"},{"fixed":"d9b3100219b3ea86d73202bf7368c03a7688efea"}]}],"versions":["v3.29.2","v3.29.1","v3.29.0","v3.28.0","v3.27.8","v3.27.7","v3.27.6","v3.27.4","v3.27.3","v3.27.2","v3.27.1","v3.27.0","v3.26.0","v3.25.2","v3.25.1","v3.25.0","v3.24.7","v3.24.6","v3.24.5","v3.24.4","v3.24.3","v3.24.2","v3.24.1","v3.24.0","v3.23.1","v3.23.0","v3.22.2","v3.22.1","v3.22.0","v3.21.3","v3.21.2","v3.21.1","v3.21.0","v3.20.0","v3.19.3","v3.19.2","v3.19.1","v3.19.0","v3.18.0","v3.17.1","v3.17.0","v3.16.0","v3.15.0","v3.14.1","v3.14.0","v3.13.2","v3.13.1","v3.13.0","v3.12.0","v3.11.3","v3.11.2","v3.11.1","v3.11.0","v3.10.1","v3.10.0","v3.9.0","v3.8.0","v3.7.6","v3.7.5","v3.7.4","v3.7.3","v3.7.2","v3.7.1","v3.7.0","v3.6.3","v3.6.2","v3.6.1","v3.6.0","v3.5.43","v3.5.42","v3.5.41","v3.5.39","v3.5.38","v3.5.37","v3.5.36","v3.5.35","v3.5.33","v3.5.32","v3.5.31","v3.5.30","v3.5.29","v3.5.28","v3.5.27","v3.5.26","v3.5.25","v3.5.24","v3.5.23","v3.5.22","v3.5.21","v3.5.19","v3.5.18","v3.5.17","v3.5.16","v3.5.15","v3.5.14","v3.5.13","v3.5.12","v3.5.11","v3.5.10","v3.5.8","v3.5.7","v3.5.6","v3.5.5","v3.5.4","v3.5.3","v3.5.2","v3.5.1","v3.4.73","v3.4.72","v3.4.71","v3.4.70","v3.4.69","v3.4.68","v3.4.67","v3.4.66","v3.4.65","v3.4.64","v3.4.63","v3.4.62","v3.4.61","v3.4.59","v3.4.58","v3.4.57","v3.4.56","3.4.56","v3.4.55","v3.4.54","v3.4.53","v3.4.51","v3.4.50","v3.4.48","v3.4.47","v3.4.46","v3.4.45","v3.4.44","v3.4.43","v3.4.42","v3.4.41","v3.4.40","v3.4.39","v3.4.38","v3.4.37","v3.4.36","v3.4.35","v3.4.34","v3.4.33","v3.4.32","v3.4.31","v3.4.30","v3.4.29","v3.4.28","v3.4.27","v3.4.26","v3.4.25","v3.4.24","v3.4.23","v3.4.21","v3.4.20","v3.4.19","v3.4.18","v3.4.17","v3.4.16","v3.4.15","v3.4.14","v3.4.13","v3.4.12","v3.4.11","v3.4.10","v3.4.9","v3.4.8","v3.4.7","v3.4.6","v3.4.5","v3.4.4","v3.4.3","v3.4.2","v3.4.1","v3.3.3","v3.3.2","v3.3.1","v3.3.0","v3.2.6","v3.2.5","v3.2.4","v3.2.3","v3.2.2","v3.2.1","v3.1.8","v3.1.7","v3.1.6","v3.1.5","v3.1.1","v3.0.16","v3.0.15","v3.0.14","v3.0.13","v3.0.12","v3.0.11","v3.0.10","v3.0.9","v3.0.8","v3.0.7","v3.0.6","v3.0.5","v3.0.4","v3.0.3","3.0.3","v3.0.2","v3.0.1","v3.0.0-rc.46","v3.0.0-rc.45","v3.0.0-rc.44","v3.0.0-rc.43","v3.0.0-rc.42","v3.0.0-rc.41","v3.0.0-rc.40","v3.0.0-rc.38","v3.0.0-rc.37","v3.0.0-rc.36","v3.0.0-rc.35","v3.0.0-rc.34","v3.0.0-rc.33","v3.0.0-rc.32","v3.0.0-rc.31","v3.0.0-rc.30","v3.0.0-rc.29","v3.0.0-rc.27","v3.0.0-rc.26","v3.0.0-rc.25","v3.0.0-rc.24","v3.0.0-rc.23","v3.0.0-rc.22","v3.0.0-rc.21","v3.0.0-rc.20","v3.0.0-rc.19","v3.0.0-rc.18","v3.0.0-rc.17","v3.0.0-rc.16","v3.0.0-rc.15","v3.0.0-rc.14","v3.0.0-rc.13","v3.0.0-rc.12","v3.0.0-rc.11","v3.0.0-rc.10","v3.0.0-rc.9","v3.0.0-rc.8","v3.0.0-rc.7","v3.0.0-rc.6","v3.0.0-rc.5","v3.0.0-rc.4","v3.0.0-rc.3","v3.0.0-rc.2","v3.0.0-rc.1","v3.0.0-rc.0"],"database_specific":{"source":"https://cna.erlef.org/osv/EEF-CVE-2026-55736.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"}],"credits":[{"name":"Alfred Vié","type":"FINDER"},{"name":"Zach Daniel","type":"REMEDIATION_REVIEWER"},{"name":"Jonatan Männchen / EEF","type":"ANALYST"}]}
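The affected pattern described in the advisory (a private argument that drives record ownership, fed from string-keyed request params) next to a hardened version, as an added Elixir example. This is not code from the Ash project, the advisory or its reporters. It assumes a hypothetical Mix application with a `MyApp.Blog` domain, a `MyApp.Blog.Post` resource whose `:transfer` action declares a private `acting_user_id` argument, a Phoenix controller with the authenticated user in `conn.assigns.current_user`, and an illustrative `MyApp.PrivateArgs` helper module. The trusted path sets the argument through the `private_arguments:` option of `Ash.Changeset.for_update/4`; `Ash.Changeset.set_private_argument/3`, which the advisory names, is the equivalent on a changeset built beforehand.

```elixir
# Added example, not code from the Ash project or the advisory. The MyApp.* and
# MyAppWeb.* modules, the :transfer action and acting_user_id are hypothetical.

defmodule MyApp.Blog do
  use Ash.Domain

  resources do
    resource MyApp.Blog.Post
  end
end

defmodule MyApp.Blog.Post do
  use Ash.Resource, domain: MyApp.Blog, data_layer: Ash.DataLayer.Ets

  attributes do
    uuid_primary_key :id
    attribute :title, :string, public?: true
    attribute :owner_id, :uuid, public?: true
  end

  actions do
    defaults [:read, create: [:title, :owner_id]]

    update :transfer do
      accept [:title]
      # public?: false means only trusted server-side code may set this argument
      argument :acting_user_id, :uuid, public?: false
      # ownership follows the private argument, so whoever controls it owns the record
      change set_attribute(:owner_id, arg(:acting_user_id))
    end
  end
end

defmodule MyApp.PrivateArgs do
  # Audit helper: every action of a resource that declares a private argument.
  # For the resource above it returns [transfer: [:acting_user_id]].
  def private_arguments(resource) do
    resource
    |> Ash.Resource.Info.actions()
    |> Enum.map(fn action ->
      {action.name, for(arg <- action.arguments, not arg.public?, do: arg.name)}
    end)
    |> Enum.reject(fn {_action, args} -> args == [] end)
  end

  # Allow-list untrusted params to the action's accepted attributes and public
  # arguments. Handles string and atom keys and does not depend on the ash
  # version, so it remains a defence in depth after upgrading to 3.29.3.
  def public_params(resource, action_name, params) when is_map(params) do
    action = Ash.Resource.Info.action(resource, action_name)

    allowed =
      Enum.map(Map.get(action, :accept) || [], &to_string/1) ++
        for(arg <- action.arguments, arg.public?, do: to_string(arg.name))

    params
    |> Map.new(fn {k, v} -> {to_string(k), v} end)
    |> Map.take(allowed)
  end
end

defmodule MyAppWeb.PostController do
  use MyAppWeb, :controller

  # Vulnerable on ash < 3.29.3: Phoenix params carry string keys, and the string
  # key "acting_user_id" is not stripped, so a body of {"acting_user_id": "<id>"}
  # lets the client pick the new owner of the post.
  def transfer_vulnerable(conn, %{"id" => id} = params) do
    user = conn.assigns.current_user
    post = Ash.get!(MyApp.Blog.Post, id, actor: user)

    post
    |> Ash.Changeset.for_update(:transfer, params, actor: user)
    |> Ash.update!()
    |> then(&json(conn, %{id: &1.id, owner_id: &1.owner_id}))
  end

  # Hardened: the private argument comes only from the authenticated session, and
  # the user-supplied map is reduced to public inputs before it reaches Ash. Apply
  # the same public_params/3 filter before Ash.bulk_update/4, which takes the
  # atomic path where the vulnerable versions strip nothing at all.
  def transfer(conn, %{"id" => id} = params) do
    user = conn.assigns.current_user
    post = Ash.get!(MyApp.Blog.Post, id, actor: user)
    safe_params = MyApp.PrivateArgs.public_params(MyApp.Blog.Post, :transfer, params)

    post
    |> Ash.Changeset.for_update(:transfer, safe_params,
      actor: user,
      private_arguments: %{acting_user_id: user.id}
    )
    |> Ash.update!()
    |> then(&json(conn, %{id: &1.id, owner_id: &1.owner_id}))
  end
end
```

To find exposed actions in an existing code base, call `MyApp.PrivateArgs.private_arguments/1` on each resource (for example from an `iex -S mix` session) and check every caller of the listed actions for raw request params. Upgrading to 3.29.3 makes Ash strip string-keyed private arguments itself; the allow-list is kept because it also closes the atomic and bulk paths and documents which inputs the endpoint intends to accept.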