2 matches found
CVE-2026-34243
wenxian is a tool to generate BIBTEX files from given identifiers DOI, PMID, arXiv ID, or paper title. In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issuecomment.body directly inside a shell command, allowing potential command injection and arbitrary code...
CVE-2026-34243
creationtimestamp| type| source ---|---|--- 2026-03-27 12:52:58+00:00| published-proof-of-concept| https://github.com/njzjz/wenxian/security/advisories/GHSA-r4fj-r33x-8v88 2026-03-31 16:28:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mieluuzr2r2c 2026-03-31...