CVE-2026-40316
Remote Code Execution in OWASP BLT GitHub Workflow
Publication date: 2026-04-15
Last updated on: 2026-04-15
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| owasp | blt | to 2.1.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
| CWE-95 | The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval"). |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows arbitrary code execution in a privileged CI environment with access to repository secrets and the GITHUB_TOKEN. Such unauthorized access and potential exfiltration of sensitive information could lead to violations of data protection regulations and standards that require safeguarding of sensitive data, such as GDPR and HIPAA.
Specifically, the compromise of repository secrets and potential supply chain attacks could result in unauthorized disclosure or alteration of personal or protected health information, thereby impacting compliance with these regulations.
Can you explain this vulnerability to me?
This vulnerability exists in OWASP BLT versions prior to 2.1.1 within the .github/workflows/regenerate-migrations.yml workflow. The workflow uses the pull_request_target trigger, which runs with full GITHUB_TOKEN write permissions. It copies attacker-controlled files from untrusted pull requests into the trusted runner workspace using git show, then executes a Django command that imports model modules including the attacker-controlled website/models.py file. Because Python code in models.py is executed during import, this allows arbitrary code execution in the privileged CI environment.
An external contributor can trigger this vulnerability by opening a pull request and having a maintainer apply the regenerate-migrations label. This leads to execution of malicious code with access to repository secrets and the GITHUB_TOKEN.
How can this vulnerability impact me? :
This vulnerability can lead to several serious impacts including secret exfiltration, repository compromise, and supply chain attacks. Because the attacker can execute arbitrary code in the CI environment with full write permissions via GITHUB_TOKEN, they can potentially access and steal sensitive information, modify repository contents, or inject malicious code into the software supply chain.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade OWASP BLT to version 2.1.1 or later, where the patch for this issue is expected to be released.
Additionally, avoid applying the regenerate-migrations label to pull requests from external contributors until the patch is applied, as this label triggers the vulnerable workflow.