CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

DEBIAN-CVE-2026-48501

GitHub CLI gh is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh release verify-asset commands. The CLI uses a shared HTTP client with an authenticati...

7.4CVSS5.8AI score0.00038EPSS

Exploits0References1

NVD•added 5 days ago•14 views

CVE-2026-48501

9.1CVSS0.00038EPSS

Exploits0References1

EUVD•added 5 days ago•6 views

EUVD-2026-33340

7.4CVSS5.8AI score0.00038EPSS

Exploits0References1

SUSE CVE•added 2026/05/18 1:21 p.m.•6 views

SUSE CVE-2026-45803

gh is GitHub's official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...

3.5CVSS6AI score0.00034EPSS

Exploits1References3

Tenable Nessus•added 2026/05/16 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-45803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gh is GitHub's official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal...

3.5CVSS6.1AI score0.00034EPSS

Exploits1References3

UbuntuCve•added 2026/05/15 4:16 p.m.•4 views

CVE-2026-45803

gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...

3.5CVSS6AI score0.00034EPSS

Exploits1References2

ATTACKERKB•added 2026/05/15 3:26 p.m.•3 views

CVE-2026-45803

3.5CVSS6AI score0.00034EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2026/05/15 3:26 p.m.•2 views

CVE-2026-45803 gh: GitHub Actions log output in `gh run view` allows terminal escape sequence injection

3.5CVSS6AI score0.00034EPSS

Exploits1References1

Debian CVE•added 2026/05/15 3:26 p.m.•3 views

CVE-2026-45803

3.5CVSS6AI score0.00034EPSS

Exploits1

CNNVD•added 2026/05/15 12:0 a.m.•4 views

GitHub CLI 安全漏洞

GitHub CLI is an open-source command-line interface for GitHub. Versions of GitHub CLI from 1.6.0 to 2.92.0 contained a security vulnerability. This vulnerability stemmed from the lack of cleaning terminal control sequences when processing GitHub Actions workflow logs. It could allow attackers to...

3.5CVSS5.9AI score0.00034EPSS

Exploits1References1

Fedora•added 2026/05/07 12:52 a.m.•3 views

[SECURITY] Fedora 44 Update: gh-2.92.0-1.fc44

A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform vari ous actions right from the command line, eliminating the need to...

6.1CVSS5.8AI score0.0005EPSS

Exploits0

GithubExploit•added 2026/04/08 5:27 a.m.•74 views

H4C-WEB

H4C-WEB !/bin/bash =======================================...

5.9AI score

Exploits0

Fedora•added 2026/03/07 3:33 a.m.•5 views

[SECURITY] Fedora 42 Update: gh-2.87.3-1.fc42

7.5CVSS5.8AI score0.00048EPSS

Exploits2

Fedora•added 2026/02/27 12:56 a.m.•4 views

[SECURITY] Fedora 43 Update: gh-2.87.0-2.fc43

7.5CVSS5.9AI score0.00037EPSS

Exploits1

Chainguard•added 2026/01/23 7:24 p.m.•4 views

CVE-2026-23831 vulnerabilities

Vulnerabilities for packages: flux-source-controller-fips, spire-server, zot, image-factory-fips, ko-fips, trivy-fips, tkn-fips, skaffold, slsa-verifier, tekton-chains, gh, tflint, tkn, ko, teleport, kyverno-policy-reporter-plugins-kyverno, flux-source-controller, chainctl, kyverno, zarf,...

5.3CVSS7.3AI score0.00019EPSS

Exploits0

Tenable Nessus•added 2026/01/22 12:0 a.m.•2 views

Azure Linux 3.0 Security Update: gh (CVE-2025-25204)

The version of gh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-25204 advisory. - gh is GitHub's official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain...

6.3CVSS5.7AI score0.00213EPSS

Exploits0References2

Fedora•added 2025/11/14 1:28 a.m.•4 views

[SECURITY] Fedora 43 Update: gh-2.83.0-1.fc43

7.5CVSS7.1AI score0.00046EPSS

Exploits0

SUSE CVE•added 2025/03/14 2:57 a.m.•1 views

SUSE CVE-2025-25204

gh is GitHub's official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...

6.3CVSS6.5AI score0.00213EPSS

Exploits0References2

NVD•added 2025/02/14 5:15 p.m.•15 views

CVE-2025-25204

gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...

6.3CVSS0.00213EPSS

Exploits0References3

Cvelist•added 2025/02/14 4:38 p.m.•10 views

CVE-2025-25204 `gh attestation verify` returns incorrect exit code during verification if no attestations are present

6.3CVSS0.00213EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by