All advisories discovered with AI agents
2025
GHSL-2025-106: Code Injection in esphome/esphome-docs GitHub Actions Workflow
A code injection vulnerability exists in the latest main branch of esphome/esphome-docs, where the .github/workflows/component-image.yml GitHub Actions workflow allows attackers to execute arbitrary code with privileged context. This flaw could enable unauthorized access or compromise of the CI environment.
GHSL-2025-110: Cross-site scripting (XSS) in OpenLibrary barcode scanner
The OpenLibrary project was affected by a cross-site scripting (XSS) vulnerability (GHSL-2025-110) in the barcode scanner feature, which could allow an attacker to execute malicious scripts in the context of a user's browser.
GHSL-2025-076: Cross-site scripting (XSS) in bit platform Boilerplate WebInteropApp - CVE-2025-64710
Bit platform Boilerplate was affected by a cross-site scripting (XSS) vulnerability in the WebInteropApp, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web applications.
GHSL-2025-104: Arbitrary command execution within the CI environment in Weaviate
The Weaviate repository was vulnerable to code injection in its GitHub Actions notifier.yml as of the latest changeset at the time of the review, which potentially could have allowed attackers to execute arbitrary commands within the CI environment.
GHSL-2025-099: Arbitrary code execution in cross-platform-actions/action
The cross-platform-actions/action repository was vulnerable to a code injection issue in its release.yml workflow, affecting the latest changeset at the time of review. This vulnerability could potentially have allowed an attacker to inject and execute arbitrary code within the context of the workflow.
GHSL-2025-094: Code execution in a privileged context in a GitHub workflow of faststream
The GitHub Actions workflow pr_autoupdate.yaml checks out untrusted code, potentially allowing attackers to execute arbitrary code in a privileged context.
GHSL-2025-090: Code injection in GitHub Actions with privileged context in harvester
Improper handling of inputs in GitHub Actions with privileged context could allow attackers to execute arbitrary code.
GHSL-2025-101: Code injection in a GitHub Actions workflow of homeassistant-tapo-control - CVE-2025-55192
The homeassistant-tapo-control repository was vulnerable to code injection in the issues.yml GitHub Actions workflow.
GHSL-2025-091: Code injection vulnerability in a GitHub Actions workflow of ansys/pymapdl
A code injection vulnerability was identified in the GitHub Actions workflow migrator.yml of the ansys/pymapdl project on the latest main branch, enabling potential attackers to execute arbitrary code with privileged context and leak repository secrets. This could lead to unauthorized access, exposure of sensitive information, and further exploitation.
GHSL-2025-084: Untrusted code in GitHub Actions workflow may lead to secret leak in int128/datadog-actions-metrics
The int128/datadog-actions-metrics project is vulnerable in its latest main branch due to improper validation in a GitHub Actions workflow, where checking out untrusted code could potentially lead to secret leakage.
GHSL-2025-082: Unauthorized code execution in ag-grid
The performance workflow in the ag-grid/ag-grid project’s latest branch is vulnerable to unauthorized code execution due to the insecure checkout of untrusted code in GitHub Actions, potentially exposing secrets and compromising the privileged context.
GHSL-2025-089: Potential code execution in privileged context in YDB
A code injection vulnerability (GHSL-2025-089) was identified in the validate-pr-description GitHub Actions workflow of the ydb-platform/ydb project on the latest main branch, allowing attackers to execute arbitrary code by manipulating input processed by the workflow.
GHSL-2025-087: Potential code execution in high privilege context in PX4-Autopilot
A code injection vulnerability was identified in the PX4/PX4-Autopilot project within the docs_pr_comment.yml GitHub Actions workflow on the latest main branch. An attacker could exploit this issue in a privileged context to execute arbitrary code, potentially compromising the CI/CD pipeline.