PT-2026-6908

Name of the Vulnerable Software and Affected Versions Harden-Runner versions prior to 2.14.2 Description Harden-Runner, a CI/CD security agent functioning as an EDR for GitHub Actions runners, contained a security issue where outbound network connections could bypass audit logging. Specifically,...

kernel: Race condition vulnerability in execve argv arguments

When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepresent or evade logging of executing commands...