1063 matches found
CVE-2025-49013 WilderForge vulnerable to code Injection via GitHub Actions Workflows
WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of ${{ github.event.review.body }} and other user controlled variables directly inside shell script contexts in GitHub...
PT-2025-24436 · Unknown +1 · Wilderforge +1
Name of the Vulnerable Software and Affected Versions: WilderForge affected versions not specified Description: A critical issue has been identified in the WilderForge organization, stemming from the unsafe use of user-controlled variables, such as ${{ github.event.review.body }}, directly inside she...
SCGAgent: Recreating the Benefits of Reasoning Models for Secure Code Generation with Agentic Workflows
Large language models (LLMs) have seen widespread success in code generation tasks for different scenarios, both everyday and professional. However, current LLMs, despite producing functional code, do not prioritize security and may generate code with exploitable vulnerabilities. In this work, we...
Inclusive, Differentially Private Federated Learning for Clinical Data
Federated Learning (FL) offers a promising approach for training clinical AI models without centralizing sensitive patient data. However, its real-world adoption is hindered by challenges related to privacy, resource constraints, and compliance. Existing Differential Privacy (DP) approaches often app...
Chances and Challenges of the Model Context Protocol in Digital Forensics and Incident Response
Large language models hold considerable promise for supporting forensic investigations, but their widespread adoption is hindered by a lack of transparency, explainability, and reproducibility. This paper explores how the emerging Model Context Protocol can address these challenges and support th...
CVE-2024-52799
Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which will allow kubectl exec into any Pod in the same namespace, i.e. arbitrary code execution within those...
CVE-2024-45919
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...
CVE-2024-54675
app/webroot/js/workflows-editor/workflows-editor.js in MISP through 2.5.2 has stored XSS in the editor interface for an ad-hoc workflow...
CVE-2023-34063
Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows...
CVE-2023-6804
Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. To exploit this, a workflow must have already existed in the target repo. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.1...
CVE-2023-24029
In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their privileges via the administrative interface due to insufficient authorization controls applied on user modification workflows...
CVE-2021-32724
check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the check-spelling action enabled that triggers on pull_request_target or schedule, an attacker can send a crafted Pull Request that causes a GITHUB_TOKEN to be exposed. With the...
CVE-2009-1078
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authenticated users to have an unspecified impact...
Securing CI/CD workflows with Wazuh
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and...
Nextcloud Workflows Remote Code Execution
This Metasploit module adds workflows as an authenticated user which can only be created by administrators by design. If the app "Nextcloud Workflow Script" is installed it is possible to generate a workflow that executes commands. This module requires Metasploit: https://metasploit.com/download...
Automated Alert Classification and Triage (AACT): an Intelligent System for the Prioritisation of Cybersecurity Alerts
Enterprise networks are growing ever larger with a rapidly expanding attack surface, increasing the volume of security alerts generated from security controls. Security Operations Centre (SOC) analysts triage these alerts to identify malicious activity, but they struggle with alert fatigue due to t...
PT-2025-21175 · Bullfrog · Bullfrog
Name of the Vulnerable Software and Affected Versions: Bullfrog versions prior to 0.8.4 Description: Bullfrog is a GitHub Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration, which can result in sandbox...
From Complexity to Clarity: The Blueprint for Scalable Workflow Automation
Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to…
Applied Post Quantum Cryptography: a Practical Approach for Generating Certificates in Industrial Environments
The transition to post-quantum cryptography (PQC) presents significant challenges for certificate-based identity management in industrial environments, where secure onboarding of devices relies on long-lived and interoperable credentials. This work analyzes the integration of PQC into X.509...
Remediate Risk Without the Roadblocks: Automate with Qualys Flow
Remediation and Workflow Automation, Redefined Still relying on manual steps in your cloud security? It’s outdated, and it’s risky. Manual processes lead to slower threat detection, human errors, increased operational costs, and compliance delays. This isn’t just inefficient—it’s a liability. Ent...