Eigent

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-22869 CRITICAL POC PATCH Act Now

Eigent multi-agent workflow CI pipeline (ci.yml) uses pull_request_target with checkout of untrusted PR code, enabling arbitrary code execution with repository write permissions from fork PRs. PoC available, patch available.

Github AI / ML Eigent

NVD GitHub

CVSS 3.1

9.8

EPSS

0.1%

CVE-2026-22869

EPSS 0% CVSS 9.8

CRITICAL POC PATCH Act Now

Eigent multi-agent workflow CI pipeline (ci.yml) uses pull_request_target with checkout of untrusted PR code, enabling arbitrary code execution with repository write permissions from fork PRs. PoC available, patch available.

Github AI / ML Eigent

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy