Skip to main content

Vowpal Wabbit

1 CVEs product

Monthly

CVE-2026-44723 MEDIUM PATCH This Month

{{ github.event.pull_request.title }} directly into bash double-quoted strings across four steps in four separate jobs, enabling shell escape via crafted PR title content. No public exploit has been identified and EPSS stands at 0.03% (10th percentile), though the supply-chain nature of this CI-targeting vulnerability means successful exploitation could expose repository secrets and runner tokens.

Python Command Injection Vowpal Wabbit
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.0%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

{{ github.event.pull_request.title }} directly into bash double-quoted strings across four steps in four separate jobs, enabling shell escape via crafted PR title content. No public exploit has been identified and EPSS stands at 0.03% (10th percentile), though the supply-chain nature of this CI-targeting vulnerability means successful exploitation could expose repository secrets and runner tokens.

Python Command Injection Vowpal Wabbit
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy