CVE-2025-11148
CVE-2025-11148 - check-branches is vulnerable to command injection across all versions. The issue arises because the tool trusts branch names as plain text and constructs git commands by concatenating user input, which can be supplied via pull requests or privileged repo access. This allows an at...