15 matches found
CVE-2026-45131
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
CVE-2026-45131
CloudPirates Open Source Helm Charts are affected by a vulnerability in the GitHub Actions pull-request.yaml workflow where attacker-controlled code from fork pull requests could run in a privileged context, exposing repository secrets (e.g., Docker Hub credentials/tokens). The issue precedes com...
CVE-2026-45131 CloudPirates Open Source Helm Charts: GitHub Actions pull_request_target workflow allows secret exfiltration via fork pull requests
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
CVE-2026-45131 CloudPirates Open Source Helm Charts: GitHub Actions pull_request_target workflow allows secret exfiltration via fork pull requests
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
EUVD-2026-33666
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
PT-2026-45467
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow pull-request.yaml executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens...
EUVD-2026-32908
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...
CVE-2026-41414
Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...
CVE-2026-22869
Eigent is a multi-agent Workforce. A critical security vulnerability in the CI workflow .github/workflows/ci.yml allows arbitrary code execution from fork pull requests with repository write permissions. The vulnerable workflow uses pullrequesttarget trigger combined with checkout of untrusted PR...
CVE-2026-22869
Eigent is a multi-agent Workforce. A critical security vulnerability in the CI workflow .github/workflows/ci.yml allows arbitrary code execution from fork pull requests with repository write permissions. The vulnerable workflow uses pullrequesttarget trigger combined with checkout of untrusted PR...
CVE-2026-22869 Eigent Allows Arbitrary Code Execution via pull_request_target CI Workflow
Eigent is a multi-agent Workforce. A critical security vulnerability in the CI workflow .github/workflows/ci.yml allows arbitrary code execution from fork pull requests with repository write permissions. The vulnerable workflow uses pullrequesttarget trigger combined with checkout of untrusted PR...
EUVD-2026-2414
Eigent is a multi-agent Workforce. A critical security vulnerability in the CI workflow .github/workflows/ci.yml allows arbitrary code execution from fork pull requests with repository write permissions. The vulnerable workflow uses pullrequesttarget trigger combined with checkout of untrusted PR...
CVE-2026-22869
Eigent’s CVE-2026-22869 affects its CI workflow (.github/workflows/ci.yml) used in the Eigent multi‑agent Workforce. The vulnerability arises from using the pull_request_target trigger in combination with checking out untrusted PR code, enabling arbitrary code execution from fork pull requests wi...
PT-2026-2803
Eigent is a multi-agent Workforce. A critical security vulnerability in the CI workflow .github/workflows/ci.yml allows arbitrary code execution from fork pull requests with repository write permissions. The vulnerable workflow uses pull request target trigger combined with checkout of untrusted ...
Jenkins Bitbucket Branch Source Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...