CVE-2026-40903
ArtiPACKED Vulnerability in goshs Causes GITHUB_TOKEN Leak
Publication date: 2026-04-21
Last updated on: 2026-05-01
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| goshs | goshs | 2.0.0 |
| goshs | goshs | to 2.0.0 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-829 | The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere. |
AI Powered Q&A
Can you explain this vulnerability to me?
The CVE-2026-40903 vulnerability, known as the ArtiPACKED vulnerability, affects the goshs package prior to version 2.0.0-beta.6. It is a credential persistence issue where the temporary GITHUB_TOKEN, which is dynamically generated by GitHub for each workflow run, is written into the hidden .git/config file by the actions/checkout action when used with its default setting persist-credentials: true.
Although the token is not present in the repository source code, if any workflow step uploads artifacts containing the .git directory or the entire workspace, the token can be inadvertently included in publicly accessible artifacts. This allows an attacker to download the artifact, extract the token, and use it to perform unauthorized actions within the token's valid lifetime.
The attack flow involves an attacker monitoring or waiting for a workflow run that uses actions/checkout. When the workflow runs, the GITHUB_TOKEN is saved in the .git folder. If an artifact upload step includes this folder, the attacker can retrieve the token and misuse it to push malicious code, create pull requests, or poison releases.
How can this vulnerability impact me?
This vulnerability can have severe impacts including unauthorized code pushes to main branches, release or package poisoning, secret exfiltration, and full supply-chain compromise affecting downstream users.
Because the GITHUB_TOKEN can be extracted from publicly accessible artifacts, attackers can perform malicious actions such as injecting harmful code, manipulating releases, or compromising the integrity of the software supply chain during the token's valid lifetime.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting your GitHub Actions workflows for usage of the actions/checkout action with the default setting persist-credentials: true. Specifically, check if any workflow steps upload artifacts that include the .git directory or the entire workspace, as this can leak the GITHUB_TOKEN.
You can look for the presence of the GITHUB_TOKEN inside uploaded artifacts by downloading and extracting them, then searching for the token in the .git/config file.
Suggested commands to detect the vulnerability include:
- Review your workflow files for actions/checkout steps without persist-credentials: false.
- Download workflow artifacts and extract them locally.
- Use grep or similar tools to search for the GITHUB_TOKEN in the extracted .git/config file, e.g., `grep -r GITHUB_TOKEN ./extracted-artifact/.git/config`.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, modify all actions/checkout steps in your GitHub Actions workflows to include the setting persist-credentials: false. This prevents the GITHUB_TOKEN from being saved in the .git directory.
Optionally, set fetch-depth: 1 in the actions/checkout step to improve workflow speed.
Additionally, pin all referenced GitHub Actions to full commit SHAs instead of using floating tags or branches to reduce supply-chain risks.
Finally, upgrade goshs to version 2.0.0-beta.6 or later, where this vulnerability is fixed.
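The following script is an added example, not code from the page or from the goshs project. It implements the detection advice above (checkout steps that leave persist-credentials at its default, artifact uploads that would ship the .git directory, and a check of an extracted .git/config) and shows the mitigated checkout form beside the unsafe one in a constructed sample workflow. It assumes the conventional one-key-per-line workflow layout with scalar `with:` values, and the sample workflow, the sample .git/config and the placeholder token are all constructed here. The .git/config check looks for the base64 basic-auth `extraheader` entry that actions/checkout writes when credentials are persisted, because the token is not stored under the literal name GITHUB_TOKEN, so a plain grep for that string would not match it.

```python
import base64
import re

# Constructed sample workflow (not taken from goshs): one checkout step that
# keeps the default persist-credentials: true, one that sets it to false, and
# an artifact upload of the whole workspace (which would include .git/).
SAMPLE_WORKFLOW = """\
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Safe checkout
        uses: actions/checkout@v4
        with:
          persist-credentials: false
          fetch-depth: 1
      - name: Upload everything
        uses: actions/upload-artifact@v4
        with:
          name: workspace
          path: .
"""

USES_RE = re.compile(r"^\s*uses:\s*([^\s#]+)")
KEY_RE = re.compile(r"^\s*([\w-]+):\s*(.*?)\s*$")


def split_steps(workflow_text):
    """Return (first_line_number, lines) for every step under a `steps:` key.
    Line based so it runs without PyYAML; assumes one key per line and scalar
    `with:` values (multi-line `path: |` lists are not parsed)."""
    steps, current, in_steps, steps_indent, item_indent = [], None, False, 0, None
    for lineno, raw in enumerate(workflow_text.splitlines(), 1):
        text = raw.lstrip()
        if not text or text.startswith("#"):
            continue
        indent = len(raw) - len(text)
        if re.match(r"^steps:\s*$", text):
            in_steps, steps_indent, item_indent = True, indent, None
            continue
        if not in_steps:
            continue
        if indent < steps_indent or (indent == steps_indent and not text.startswith("-")):
            in_steps = False  # dedented past the end of the steps list
            continue
        if text.startswith("- ") and item_indent in (None, indent):
            item_indent = indent
            if current:
                steps.append(current)
            current = (lineno, [text[2:]])  # first key sits on the '- ' line
        elif current:
            current[1].append(raw)
    if current:
        steps.append(current)
    return steps


def step_inputs(step_lines):
    """Return the step's `uses:` reference and its scalar `with:` inputs."""
    uses, inputs, with_indent = None, {}, None
    for line in step_lines:
        text = line.lstrip()
        indent = len(line) - len(text)
        m = USES_RE.match(line)
        if m:
            uses = m.group(1)
        if re.match(r"^with:\s*$", text):
            with_indent = indent
        elif with_indent is not None and indent > with_indent:
            m = KEY_RE.match(line)
            if m:
                inputs[m.group(1)] = m.group(2).strip("'\"")
        else:
            with_indent = None
    return uses, inputs


def find_unsafe_checkouts(workflow_text):
    """Checkout steps that persist the GITHUB_TOKEN into .git/config
    (persist-credentials omitted, hence true, or set to true)."""
    findings = []
    for lineno, lines in split_steps(workflow_text):
        uses, inputs = step_inputs(lines)
        if uses and uses.startswith("actions/checkout@"):
            value = inputs.get("persist-credentials", "true (default)")
            if value.lower() != "false":
                findings.append((lineno, uses, value))
    return findings


def find_workspace_uploads(workflow_text):
    """Artifact uploads whose path covers the workspace root or names .git,
    i.e. uploads that would carry .git/config inside the artifact."""
    findings = []
    for lineno, lines in split_steps(workflow_text):
        uses, inputs = step_inputs(lines)
        if uses and uses.startswith("actions/upload-artifact@"):
            path = inputs.get("path", "")
            if path in (".", "./", "${{ github.workspace }}") or ".git" in path:
                findings.append((lineno, path))
    return findings


def persisted_token_in_gitconfig(config_text):
    """True if .git/config carries the header actions/checkout writes for a
    persisted token: 'extraheader = AUTHORIZATION: basic <base64>' whose decoded
    value starts with 'x-access-token:'. The token itself is never returned."""
    for line in config_text.splitlines():
        m = re.match(r"^\s*extraheader\s*=\s*AUTHORIZATION:\s*basic\s+(\S+)", line, re.I)
        if not m:
            continue
        try:
            decoded = base64.b64decode(m.group(1), validate=True).decode()
        except (ValueError, UnicodeDecodeError):
            continue
        if decoded.startswith("x-access-token:"):
            return True
    return False


# Constructed .git/config with a placeholder (not real) token, laid out the way
# actions/checkout writes it when persist-credentials is true.
PLACEHOLDER_TOKEN = "ghs_EXAMPLE_PLACEHOLDER_NOT_A_REAL_TOKEN"
SAMPLE_GITCONFIG = (
    "[core]\n\trepositoryformatversion = 0\n"
    '[http "https://github.com/"]\n\textraheader = AUTHORIZATION: basic '
    + base64.b64encode(f"x-access-token:{PLACEHOLDER_TOKEN}".encode()).decode()
    + "\n"
)

if __name__ == "__main__":
    for lineno, uses, value in find_unsafe_checkouts(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {uses} persist-credentials={value}")
    for lineno, path in find_workspace_uploads(SAMPLE_WORKFLOW):
        print(f"line {lineno}: upload-artifact path={path!r} would include .git/")
    print("persisted token in sample .git/config:", persisted_token_in_gitconfig(SAMPLE_GITCONFIG))
```

To run it against real files, read each `.github/workflows/*.yml` into `find_unsafe_checkouts` and `find_workspace_uploads`, and feed the `.git/config` from an extracted artifact to `persisted_token_in_gitconfig`; the second step in the sample shows the form every checkout step should take after mitigation.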
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The ArtiPACKED vulnerability in goshs can lead to leakage of the GITHUB_TOKEN through workflow artifacts, potentially exposing sensitive credentials publicly. This unauthorized disclosure of credentials can result in unauthorized code pushes, release poisoning, secret exfiltration, and full supply-chain compromise.
Such exposure of sensitive information and unauthorized access could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure handling of credentials to prevent data breaches and unauthorized access.
Therefore, organizations using affected versions of goshs without mitigation may face increased risk of non-compliance due to potential data leakage and security breaches.