Theia Website

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-1699 CRITICAL POC Act Now

Supply chain vulnerability in Eclipse Theia GitHub Actions workflow. The preview.yml workflow uses pull_request_target with checkout, enabling malicious PRs to steal secrets. CVSS 10.0, PoC available.

Github Theia Website

NVD

CVSS 3.1

10.0

EPSS

0.0%

CVE-2026-1699

EPSS 0% CVSS 10.0

CRITICAL POC Act Now

Supply chain vulnerability in Eclipse Theia GitHub Actions workflow. The preview.yml workflow uses pull_request_target with checkout, enabling malicious PRs to steal secrets. CVSS 10.0, PoC available.

Github Theia Website

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy