CloudPirates Open Source Helm Charts: Code Injection Vulnerability

CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stems from executing code controlled by the attacker in...

Supply Chain Compromises Impact Nx Console and GitHub Repositories

CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development CI/CD pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code VS...

Embedded Malicious Code

Overview @tiledesk/tiledesk-server is a The Tiledesk server module Affected versions of this package are vulnerable to Embedded Malicious Code part of the "Megalodon" campaign that orchestrated a massive supply-chain attack, pushing malicious commits to 5,561 GitHub repositories within a six-hour...

Malicious code in @antv/l7-utils (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

MAL-2026-3861 Malicious code in @antv/color-schema (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Malicious code in @antv/g6-extension-react (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

GHSA-63WH-P5FX-H4VC BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver

Summary Due to unsafe URL handling, bbot's gitclone.py can be made to leak a user's github.com API key to an attacker-controlled webserver. Impact A user who has placed their github.com API key in the configuration for any of the following modules: githubcodesearch githubworkflows gitlab gitclone...

BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver

Summary Due to unsafe URL handling, bbot's gitclone.py can be made to leak a user's github.com API key to an attacker-controlled webserver. Impact A user who has placed their github.com API key in the configuration for any of the following modules: githubcodesearch githubworkflows gitlab gitclone...

EUVD-2021-0202

Malware in sbrugna...

EUVD-2025-28122

Malicious code in bioql PyPI...

github-workflows 安全漏洞

github-workflows is a shared reusable workflow for GitHub Actions for Kartverket individual developers. A security vulnerability exists in github-workflows that stems from a directory traversal in the downloadworkflow function in apiserver.py...

CVE-2025-54430

dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Before commit 3f61e79, a critical severity vulnerability has been identified within the .github/workflows/benchmark-bot.yml workflow, where a issuecomme...

CVE-2021-32724

check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the check-spelling action enabled that triggers on pullrequesttarget or schedule, an attacker can send a crafted Pull Request that causes a GITHUBTOKEN to be exposed. With the...

PT-2025-21175 · Bullfrog · Bullfrog

Name of the Vulnerable Software and Affected Versions: Bullfrog versions prior to 0.8.4 Description: Bullfrog is a GitHub Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration, which can result in sandbox...

GO-2024-2645 Nuclei allows unsigned code template execution through workflows in github.com/projectdiscovery/nuclei

Nuclei allows unsigned code template execution through workflows in github.com/projectdiscovery/nuclei...

CVE-2022-39326

kartverket/github-workflows are shared reusable workflows for GitHub Actions. Prior to version 2.7.5, all users of the run-terraform reusable workflow from the kartverket/github-workflows repo are affected by a code injection vulnerability. A malicious actor could potentially send a PR with a...

Code injection

kartverket/github-workflows are shared reusable workflows for GitHub Actions. Prior to version 2.7.5, all users of the run-terraform reusable workflow from the kartverket/github-workflows repo are affected by a code injection vulnerability. A malicious actor could potentially send a PR with a...

github-workflows 代码注入漏洞

github-workflows is a shared reusable workflow for GitHub Actions for Kartverket individual developers. A security vulnerability exists in github-workflows versions prior to 2.7.5, which stems from being affected by code injection, where a malicious actor may send a PR with a malicious load, whic...

CVE-2022-39326 kartverket/github-workflows's run-terraform allows for RCE via terraform plan

kartverket/github-workflows are shared reusable workflows for GitHub Actions. Prior to version 2.7.5, all users of the run-terraform reusable workflow from the kartverket/github-workflows repo are affected by a code injection vulnerability. A malicious actor could potentially send a PR with a...

CVE-2022-39326

CVE-2022-39326 affects the kartverket/github-workflows repository's run-terraform reusable workflow. Before version 2.7.5, a malicious pull request could inject code that executes arbitrary JavaScript in the workflow context. Impact is described as code execution within the GitHub Actions workflo...