CVE-2026-41414 Skim: Arbitrary code execution via pull_request_target fork checkout in pr.yml

Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...

skim 代码注入漏洞

Skim is a fuzzy search and rapid file location tool developed by skim-rs. Skim has a code injection vulnerability, which stems from the generate-files task in pr.yml checking and executing forked code controlled by the attacker, potentially leading to key leakage. The following versions are...