Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Lifecycle Timeline
3DescriptionGitHub Advisory
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (pull-request.yaml) executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens without requiring maintainer approval. This issue has been patched via commit fcf9302.
AnalysisAI
Secret exfiltration in CloudPirates Open Source Helm Charts (prior to commit fcf9302) allows unauthenticated attackers to steal repository secrets, including Docker Hub credentials and tokens, by submitting a malicious fork pull request that triggers the pull-request.yaml GitHub Actions workflow in a privileged context. No public exploit is identified at time of analysis, but the attack pattern is a well-known pwn-request misconfiguration that requires no maintainer approval, and the CVSS score of 10.0 (Critical) with scope change reflects compromise of CI/CD secrets that extend beyond the workflow boundary.
Technical ContextAI
The flaw is a classic GitHub Actions 'pwn request' vulnerability rooted in CWE-94 (Improper Control of Generation of Code / Code Injection). The pull-request.yaml workflow ran on events from fork PRs while operating in a privileged context with access to repository secrets (Docker Hub credentials, registry tokens). According to the cpe:2.3:a:cloudpirates-io:helm-charts:* identifier, all versions of the helm-charts repository prior to the fix are affected. The diff shows the workflow previously triggered on 'synchronize' events and lacked an authorization gate, meaning untrusted code from fork branches could execute steps that referenced ${{ secrets.* }} or had access to the GITHUB_TOKEN with write scopes. The fix introduces a separate 'authorize' job pinned to a GitHub 'external' environment for external forks, leveraging environment protection rules to require manual approval before downstream privileged jobs (now gated via 'needs: authorize') will run.
RemediationAI
Upstream fix available at commit fcf930211604652aec15085895b6457bc8b73b54; downstream forks or vendored copies of these workflows should rebase or merge to at or beyond that commit, which introduces an 'authorize' gate job pinned to the 'external' GitHub Environment so that fork-PR runs require manual approval before privileged steps execute. Repository maintainers who ran the vulnerable workflow before patching must assume secret compromise and rotate all repository and organization secrets exposed to that workflow, particularly Docker Hub credentials and any GITHUB_TOKEN-scoped PATs, and review the Docker Hub push history and Helm chart releases for unauthorized images. As compensating controls if the patch cannot be applied immediately, disable the pull-request.yaml workflow for fork events, switch the trigger from 'pull_request_target' to 'pull_request' (which runs without secrets but loses needed privileges), or restrict the workflow to run only on PRs from the same repository - each option trades CI coverage for external contributors against safety. Advisory: https://github.com/CloudPirates-io/helm-charts/security/advisories/GHSA-c47r-c7gw-cvph.
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
runc through version 1.0-rc6 (used in Docker before 18.09.2) contains a container escape vulnerability that allows attac
Netmaker makes networks with WireGuard. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no a
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
The News & Blog Designer Pack - WordPress Blog Plugin - (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build
Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-c
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 2
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution du
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve
Unauthenticated remote code execution in 9router (npm package) versions 0.4.30 through 0.4.36 allows network-adjacent at
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33666