Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/05/11 4:11 p.m.8 views

CVE-2026-42603 OWASP BLT: pre-commit-fix.yaml executes untrusted fork code via pull_request_target

OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Prior to 2.1.2, .github/workflows/pre-commit-fix.yaml uses pullrequesttarget privileged trigger but checks out and executes code directly from the attacker's fork, enabling...

8.8CVSS5.9AI score0.0025EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:11 p.m.8 views

CVE-2026-42603

OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Prior to 2.1.2, .github/workflows/pre-commit-fix.yaml uses pullrequesttarget privileged trigger but checks out and executes code directly from the attacker's fork, enabling...

8.8CVSS5.9AI score0.0025EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/11 4:11 p.m.15 views

CVE-2026-42603

The CVE affects OWASP BLT prior to version 2.1.2. The vulnerability arises in the .github/workflows/pre-commit-fix.yaml workflow, which uses pull_request_target (a privileged trigger) to checkout and execute code directly from the attacker’s fork. This enables Remote Code Execution with write per...

8.8CVSS5.9AI score0.0025EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.12 views

PT-2026-39646

OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Prior to 2.1.2, .github/workflows/pre-commit-fix.yaml uses pull request target privileged trigger but checks out and executes code directly from the attacker's fork, enabli...

8.8CVSS5.9AI score0.0025EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/24 6:32 p.m.5 views

CVE-2026-41414 Skim: Arbitrary code execution via pull_request_target fork checkout in pr.yml

Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...

7.4CVSS5.4AI score0.00281EPSS
Exploits1References2
OSV
OSV
added 2024/07/16 10:15 p.m.5 views

CVE-2024-5815

A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References5
Veracode
Veracode
added 2021/03/04 4:39 a.m.14 views

Unauthorised Modification

pgpverify-maven-plugin allows unauthorized modification. An attacker is able to push base repository or access secrets by checking out and running build script from a fork the untrusted code is running in an environment...

3AI score
Exploits0
Rows per page
Query Builder