External risk intelligence

Penpot Invitation Token and Profile Takeover Vulnerability

CVE advisorySeverity: CRITICAL (CVSS 9.9)

CVE-2026-44986

Penpot is a collaborative design tool typically deployed as a web application accessible via the internet to facilitate team collaboration. As an externally reachable web-based service, its authentication and invitation endpoints are commonly exposed to the public internet in standard deployment patterns.

Authentication Bypass

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This advisory addresses a critical vulnerability in Penpot, an open-source design collaboration tool. The issue involves improper session management during user profile registration and team invitations, which could allow an unauthorized, registered user to gain control of another user's non-blocked profile without proper verification. While specific impact depends on your Penpot deployment and usage, this type of authentication bypass could have significant implications for data integrity and access control within collaborative design workflows.

  • Unregistered users could hijack existing profiles.
  • Confirms a serious weakness in user account control.
  • Assess Penpot usage and confirm exposure.

Attack Path

How an attacker could exploit the issue

An attacker with access to an existing Penpot account could impersonate another user by exploiting how new invitations are processed. By crafting a specific invitation, an attacker could potentially hijack any non-blocked profile, leading to unauthorized access and control over design assets and team data.

  • Attacker needs an existing user account.
  • Invitation email matches any user's profile.
  • Full account takeover and data manipulation.

Live Threat

Current exploitation, exposure, and threat context

When supported by the advisory, a registered user could potentially take over any non-blocked profile by exploiting an authentication vulnerability that bypasses password verification for profile registration. This could impact user accounts and sensitive information within the Penpot application.

  • User accounts and profile data.
  • Unverified invitation email matching.
  • Unauthorized profile access and control.

Operational Fix

Recommended remediation, mitigation, and detection steps

This vulnerability in Penpot, a collaborative design tool, could allow a registered user to take over non-blocked user profiles without password verification. Platform or infrastructure teams responsible for deploying and managing Penpot should initiate an inventory of all Penpot instances. Subsequently, they must identify which instances are externally reachable and business-critical to prioritize remediation efforts and engage accountable application owners or vendor management teams.

  • Platform/App owners should manage this issue.
  • Verify external reachability and business criticality.
  • Plan remediation with accountable owners.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is Penpot?

Penpot is an open-source design and code collaboration platform. It is widely used by design and development teams to create prototypes, manage shared design assets, and streamline team workflows through a centralized, web-based interface.

What does CWE-287 and CWE-639 mean for CVE-2026-44986?

These codes identify weaknesses in identity and access control. CWE-287 refers to improper authentication, while CWE-639 involves an authorization bypass. In this CVE, they describe a flaw where the system fails to verify passwords or properly restrict profile access, allowing a user to improperly link their session to another account.

How is this vulnerability triggered?

An attacker must be a registered user of the application to initiate this process. The vulnerability occurs when the system creates a session based solely on an invitation email match without requiring a password. Simply viewing public content or having an unregistered account does not trigger the bug; it requires active interaction with the invitation and registration flow.

Is my Penpot instance at risk?

According to Halo Surface Signal, Penpot is typically deployed as a web application accessible via the internet to enable collaboration. If your instance is externally reachable, it is more accessible to this type of account-based manipulation than a strictly internal, isolated deployment.

How do I fix CVE-2026-44986?

The primary response is to update your Penpot installation to version 2.14.5 or later. Administrators should inventory all deployed instances to identify those that are active, prioritize updates for business-critical systems, and ensure the patch is applied to close the improper authentication and authorization gaps.

References