Lucene search
K
GithubRecent

33227 matches found

Github Security Blog
Github Security Blog
added 2026/05/20 6:31 p.m.10 views

@cyntler/react-doc-viewer's TXTRenderer fails to sanitize file content and explicitly casts raw data as a ReactNode

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

6.1CVSS5.9AI score0.00298EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:46 p.m.14 views

phpMyFAQ: Missing Password Reset Token Allows Account Takeover via Username/Email Enumeration

Summary An authentication bypass vulnerability in phpMyFAQ allows any unauthenticated attacker to reset the password of any user account, including SuperAdmin accounts. By sending a PUT request with just a valid username and associated email address to /api/user/password/update, an attacker...

8.8CVSS5.8AI score0.00324EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/20 3:46 p.m.15 views

phpMyFAQ: Default Empty API Token Authentication Bypass

Summary A default empty API client token allows any unauthenticated user to create and modify FAQ entries, categories, and questions via the REST API. The vulnerability exists in all versions since API v4.0 was introduced because the installation process seeds api.apiClientToken with an empty...

8.7CVSS5.8AI score0.00384EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/20 3:46 p.m.10 views

phpMyFAQ: IDOR Account Takeover

Summary An Insecure Direct Object Reference IDOR vulnerability in phpMyFAQ's Admin API allows any authenticated administrator to change the password of any user account, including SuperAdmin accounts userId=1, without authorization verification. An attacker with a low-privilege admin account can...

8.8CVSS5.8AI score0.00303EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/20 3:45 p.m.11 views

phpMyFAQ: Unauthenticated Password Reset Endpoint Allows User Enumeration and Forced Password Change Without Token Validation

Summary The password reset API can be triggered without authentication and without any out-of-band confirmation step. If an attacker knows a valid username + email pair, they can call the reset endpoint directly. The application immediately generates a new password, writes it to the account, and...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/20 3:45 p.m.24 views

Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows

Summary The /api/v1/chatflows/apikey/:apikey endpoint whitelisted, accessible with API key auth only returns all chatflows bound to the provided API key AND all chatflows across the entire system that have no API key assigned. This crosses workspace boundaries, allowing a user in Workspace A who...

7.7CVSS5.8AI score0.00281EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:44 p.m.10 views

Flowise: Mass Assignment in PUT /api/v1/user Allows Authenticated Users to Override Password Hash and Bypass Password Change Verification

Summary A Mass Assignment vulnerability in the PUT /api/v1/user endpoint allows authenticated users to directly modify restricted user fields, including the credential password hash, bypassing the intended password change workflow. Because the endpoint forwards the entire request body to the...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:38 p.m.10 views

Flowise: Hardcoded CORS wildcard on TTS endpoint enables cross-origin credential abuse from any webpage

Summary The TTS generation endpoint sets Access-Control-Allow-Origin: as a hardcoded response header, independent of the server's CORS configuration. This enables any webpage to make cross-origin requests to generate speech using stored credentials. Root Cause typescript //...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:37 p.m.15 views

wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None

Summary GHSA-mhc8-p3jx-84mm CVE-2026-43948 reported that wger's resetuserpassword and gympermissionsuseredit views in wger/gym/views/user.py performed a gym-scope authorization check using Django ORM object comparison if request.user.userprofile.gym != user.userprofile.gym which silently passes...

9.9CVSS5.7AI score0.00371EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:35 p.m.14 views

OpenTofu: Excessive resource usage in "tofu init" when installing dependencies from attacker-controlled server

Impact Unauthenticated denial of service. Summary When installing provider or module packages from attacker-controlled servers, the server may cause tofu initto enter an infinite loop sending garbage data to that server. Those who depend on modules or providers served from untrusted third-party...

7.5CVSS6.4AI score0.00781EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:35 p.m.32 views

Plug: Unbounded buffer accumulation in multipart header parsing causes denial of service

Summary An Allocation of Resources Without Limits or Throttling vulnerability in Plug.Conn.readpartheaders/2 allows an unauthenticated attacker to exhaust server memory by sending a crafted multipart/form-data request, causing a denial of service. Details Plug.Conn.readpartheaders/2 in...

8.2CVSS5.9AI score0.0062EPSS
Exploits0References11Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:34 p.m.11 views

Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *

Summary The SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard regardless of the caller's Origin. Because EventSource does not preflight and does not send cookies, the wildcard is sufficient to let any third-party page the developer visits open a...

4.3CVSS5.9AI score0.00219EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:33 p.m.13 views

Algernon: Auto-refresh SSE event server binds to all interfaces by default on Linux/macOS

Summary The SSE event server bound to 0.0.0.0:5553 on Linux/macOS by default because the platform-dependent host default in engine/flags.go:39-46 set host = "" for non-Windows, and utils.JoinHostPort"", ":5553" resolves to ":5553" — a Go http.Server.Addr of ":5553" listens on every interface. On...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:33 p.m.21 views

Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-service)

Impact On April 29, 2026, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] were published. The malicious packages harvested credentials and attempted self-propagation. If a compromised version was installed, all credentials accessible on that...

5.8AI score0.00025EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2026/05/20 3:32 p.m.12 views

Setup PHP: GitHub tokens configured by setup-php may be exposed through pinned affected Composer versions

Impact This affects only workflows that pin an exact affected Composer semver version through setup-php, for example tools: composer:2.9.7. Workflows using the default Composer version, composer:v2, or no pinned Composer version are not affected through setup-php, because those Composer URLs have...

5.7AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:31 p.m.11 views

Setup PHP: Command Injection in Repository-Derived PHP Version Resolution

Summary A command injection vulnerability was identified in shivammathur/setup-php when the action resolves the PHP version from repository-controlled files and uses that value while generating the platform setup script. In affected versions, setup-php may read the PHP version from: - .php-versio...

6.2AI score0.01576EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:31 p.m.12 views

Diffusers: TOCTOU Trust Remote Code Bypass

Background This vulnerability is found in the diffusers package - the transformers-equivalent library for diffusion models. It is found in the DiffusionPipeline.frompretrained flow, which is used to load a pipeline from the HuggingFace Hub. This function has a trustremotecode guard: if the...

6.4AI score0.00048EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 3:30 p.m.16 views

RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM

RTK Rust Token Killer improperly trusts project-local configuration files. In versions prior to 0.32.0, RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in a repository to apply...

6.9CVSS5.8AI score0.00078EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 12:31 a.m.11 views

Drupal core is Vulnerable to Cross-Site Scripting

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...

6.1CVSS5.4AI score0.00238EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 12:31 a.m.10 views

Drupal core allows Object Injection

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...

6.6CVSS5.4AI score0.00399EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/20 12:31 a.m.12 views

Drupal core allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 11.3.0 before 11.3.7...

6.1CVSS5.4AI score0.00201EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 9:32 p.m.10 views

Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends

In the AWS Secrets Manager and SSM Parameter Store secrets backends of apache-airflow-providers-amazon prior to 9.28.0, the team-scoping logic could resolve a connid containing a / e.g. "myteam/conn" to the same path as another team's team-scoped secret when the caller had no team context. A...

5.3CVSS5.4AI score0.00413EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 9:32 p.m.12 views

Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments

JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of...

8.7CVSS5.5AI score0.00156EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:29 p.m.14 views

@angular/platform-server: SSRF via Hostname Hijacking

Impact A Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how the server-side rendering SSR engine processes the request URL provided to the rendering entry points. When an absolute-form URL e.g., http://evil.com is passed to the rendering...

8.8CVSS5.8AI score0.00221EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:29 p.m.15 views

Caddy Defender trusted proxy client IP bypass

Impact Caddy Defender used r.RemoteAddr when evaluating whether a request should be blocked. RemoteAddr is the address of the immediate peer connected to Caddy. In deployments where Caddy is behind a trusted proxy, CDN, or load balancer, the immediate peer is usually the proxy, not the original...

5.8AI score0.00019EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:28 p.m.15 views

Malicious code in @beproduct/nestjs-auth (0.1.2 through 0.1.19) — Mini Shai-Hulud worm

Summary Between 2026-05-11 20:19 UTC and 22:56 UTC, an attacker used a compromised npm publish token to publish 18 malicious versions of @beproduct/nestjs-auth 0.1.2 through 0.1.19. The packages contained payloads from the Mini Shai-Hulud npm supply-chain worm campaign described by Aikido Securit...

5.8AI score0.0007EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:14 p.m.15 views

FileBrowser Quantum: unauthenticated user share share info

Impact Some sensitive info -- such as source and path can get exposed. Patches Update to the latest version Workarounds no...

5.8AI score0.00052EPSS
Exploits0References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/19 8:13 p.m.12 views

CamoFox MCP: Unauthenticated HTTP MCP browser-control surface

Unauthenticated HTTP MCP browser-control surface in camofox-mcp Summary camofox-mcp exposed a Streamable HTTP MCP endpoint at /mcp with rate limiting but no inbound MCP-layer authentication. When HTTP mode was enabled, any client that could reach /mcp could list and invoke browser-control tools. ...

5.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:10 p.m.15 views

SQLFluff: Uncontrolled Resource Consumption in SQLFluff Parser

Impact In deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious long query to any application using the parser to trigger a Denial of Service through resource exhaustion. Patches Versions 4.2.0 and up contain a configurable parse node...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:10 p.m.22 views

SQLFluff: Recursive Stack Overflow in Parser

Impact In deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive nesting to any application using the parser to trigger a Denial of Service through resource exhaustion. Patches Versions 4.1.0 and up contain ...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:9 p.m.15 views

SillyTavern: SSRF in SearXNG Search Proxy via Unvalidated baseUrl

Resolution SillyTavern 1.18.0 added a generic server-side request filter Private Request Whitelisting. Since we expect users to use the application in a trusted environment, the filter is disabled by default, however it is strongly advised to be enabled and properly configured when an instance is...

8.5CVSS6AI score0.00866EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:9 p.m.15 views

Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal

Summary dasel's selector lexer enters a non-terminating loop when tokenizing an unterminated regex pattern such as r/abc. A 2-byte input r/ is sufficient to cause the tokenizer to consume 100% CPU on one core indefinitely. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8 a...

5.8AI score0.0005EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:8 p.m.20 views

Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string

Summary dasel's selector lexer panics with an index-out-of-range error when tokenizing a quoted string that ends with a trailing backslash e.g., "\ or '. A 2-byte input causes an immediate process crash via Go runtime panic. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8...

5.8AI score0.00052EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:7 p.m.12 views

@libp2p/kad-dht: Unvalidated PUT_VALUE records allow unbounded disk exhaustion on DHT server nodes

Summary An unauthenticated remote peer can exhaust the disk storage of any @libp2p/kad-dht node running in server mode by sending an unbounded stream of PUTVALUE messages whose keys bypass all content validation. No credentials, no prior relationship, and no protocol deviation beyond a crafted ke...

7.5CVSS5.9AI score0.00354EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 8:4 p.m.13 views

Coder: PKCS#7 signature bypass in Azure instance identity allows unauthenticated agent token theft

Summary azureidentity.Validate verifies that the PKCS7 signer certificate chains to a trusted Azure CA but never verifies the PKCS7 signature itself. An attacker can embed a legitimate Azure certificate alongside arbitrary content e.g. "vmId":"" and the forged vmId will be accepted returning the...

9.1CVSS5.9AI score0.0026EPSS
Exploits0References9Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/19 8:3 p.m.14 views

Nuxt: `__nuxt_island` endpoint does not bind responses to request props, enabling shared-cache poisoning

Summary The /nuxtisland/ endpoint accepts attacker-controlled props query/body parameters and renders any island component without verifying that the URL-resident hash .json was actually issued for those inputs by . The hash is computed and embedded client-side but never validated server-side, so...

5.4CVSS6AI score0.00091EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/19 8:0 p.m.16 views

Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path

Summary pymdownx.snippets has a regression of the CVE-2023-32309 / GHSA-jh85-wwv9-24hv fix. With restrictbasepath: True the default, the current filename.startswithbase containment check does not enforce a directory boundary. As a result, a markdown snippet directive can read files from sibling...

7.5CVSS7AI score0.01815EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:57 p.m.15 views

PenPot MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE

Summary The MCP module's ReplServer binds to all interfaces 0.0.0.0:4403 and exposes a /execute endpoint that runs arbitrary code with zero authentication. Anyone on the network can POST JavaScript and it runs on the server. The main PenpotMcpServer was partially fixed for a similar binding issue...

6.1AI score0.00045EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:56 p.m.16 views

FPDI: Memory Exhaustion and Endless Loop in FPDI leads to Denial of Service

Impact This is a significant Denial of Service DoS vulnerability. Any application that uses FPDI to process user-supplied PDF files is at risk. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion or a script time-out. Repeate...

6CVSS5.8AI score0.00259EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:54 p.m.13 views

Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service

CVE-2026-45799 Maintainer summary Wire's protobuf group-skipping logic did not reject negative lengths before skipping a length-delimited field inside a group. A crafted protobuf payload could cause Wire to throw an unchecked runtime exception during decoding instead of the documented IOException...

5.8AI score0.00055EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/19 7:53 p.m.17 views

Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint

Summary Unauthenticated semi-blind Server-Side Request Forgery SSRF via the Azure instance identity endpoint POST /api/v2/workspaceagents/azure-instance-identity. An external attacker can force the Coder server to issue HTTP GET requests to arbitrary internal or external hosts by submitting a...

6.5CVSS6.1AI score0.00335EPSS
Exploits0References10Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/19 7:51 p.m.12 views

HAX CMS: Denial of Service using Malicious Import Request

Summary The HAX CMS NodeJS application crashes when an authenticated attacker sends a specially crafted site creation request to the createSite endpoint. A single request is sufficient to take the entire application offline, requiring a manual server restart to restore service. Details The...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:50 p.m.11 views

OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle

Summary The BST name-lookup loop in DirectoryTree.TryGetDirectoryEntry OpenMcdf/DirectoryTree.cs:35-46 walks directory entries by repeatedly calling directories.TryGetSiblingchild, siblingType, validateColor. A crafted CFB file with cyclic Left/Right sibling links among directory entries -...

5.9AI score0.00017EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:50 p.m.13 views

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

5.8AI score0.00019EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:49 p.m.13 views

Turbo: Login callback CSRF/session fixation

Impact Turborepo's self-hosted login and SSO browser flows did not validate a CSRF state value on the localhost callback. While the CLI was waiting for authentication, a malicious web page could send a request to the local callback server with an attacker-controlled token. If accepted before the...

6.5CVSS5.8AI score0.00124EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:46 p.m.13 views

Turbo: Unexpected local code execution during Yarn Berry detection

Impact Turborepo can be vulnerable to arbitrary code execution when run in untrusted repositories that contain malicious Yarn configuration. In affected versions, package manager detection executed yarn --version from the project directory, which could cause Yarn to load and execute a...

9.8CVSS6.4AI score0.00386EPSS
Exploits0References3Affected Software3
Github Security Blog
Github Security Blog
added 2026/05/19 7:42 p.m.21 views

MCP Gateway: Authority-injection and JWT/session bypass via the unauthenticated router hair-pin "router-key" / "mcp-init-host" path

Summary The MCP router extproc exposes an initialize-method code path that, when a request carries an mcp-init-host header, bypasses the gateway JWT session validator and rewrites the upstream :authority header to whatever the caller chooses, gated only by a single shared header value router-key...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:42 p.m.29 views

Diesel: Command injection in Diesel's implementation of `COPY FROM`/`COPY TO`

Diesel allows users to configure various options for PostgreSQL's COPY FROM and COPY TO statements. These configurations are partially provided as strings or characters. Diesel did not check if any these user-provided options contain a quote character ', which can lead to the injection of...

5.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:39 p.m.22 views

Diesel: Possible unaligned data access for implementations of `SqliteAggregate`

Diesel allows to register custom aggregate SQL functions for SQLite via the SqliteAggregate interface. To store an instance of the custom aggregate processor Diesel relied on the sqlite3aggregatecontext function provided by sqlite. This function doesn't provide any guarantees about alignment of t...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/19 7:37 p.m.15 views

GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injection

Summary A security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. Details The vulnerability stems from the way GitHub CLI handles raw Actions log...

3.5CVSS6.1AI score0.00206EPSS
Exploits1References3Affected Software2
Total number of security vulnerabilities33227