CVE-2026-44358
Code Execution in Espressif Shared GitHub DangerJS Action

Publication date: 2026-05-28

Last updated on: 2026-05-28

Assigner: GitHub, Inc.

Description
Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary resolution and Node.js module resolution. A fork pull request processed by a pull_request_target workflow could therefore cause fork-supplied code to execute inside the action container in place of the action's own code. This vulnerability is fixed in 1.0.1.
Meta Information
Published: 2026-05-28
Last Modified: 2026-05-28
Generated: 2026-05-28
AI Q&A: 2026-05-28
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor      Product                  Version / Range
espressif   shared-github-dangerjs   up to 1.0.1 (excluding 1.0.1)
espressif   shared-github-dangerjs   1.0.1
CWE ID    Description
CWE-427   The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
CWE-829   The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves an untrusted search path in the GitHub Action's entrypoint script, which could allow execution of malicious code from forked pull requests. Detection involves checking the version of the shared-github-dangerjs action used in your workflows.

You can detect if your GitHub workflows are using a vulnerable version (1.0.0 or earlier) by inspecting your workflow YAML files for the action version.

  • Run a command to search for the action version in your repository workflows, for example:
    grep -r 'espressif/shared-github-dangerjs' .github/workflows/

If the output shows version 1.0.0 or earlier, your workflows are vulnerable.

Additionally, audit your workflow permissions to identify if they include broad scopes like `pull-requests: write`, `contents: write`, or `permissions: write-all`, which increase the risk.


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to update the shared-github-dangerjs GitHub Action to version 1.0.1 or later, where the vulnerability is fixed.

Version 1.0.1 removes untrusted content from the module-resolution path and uses an absolute path to invoke the DangerJS binary, preventing malicious code execution.

Additionally, audit and minimize the permissions granted to your workflows to reduce potential impact, avoiding broad write permissions where not necessary.

Removing or restricting the `pull_request_target` workflow permissions can also help mitigate the risk of malicious fork pull requests executing code.
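As an added example (not part of this advisory and not Espressif's code), the following POSIX shell script performs the two checks the detection and mitigation answers above describe: it reports the version tag each workflow pins for espressif/shared-github-dangerjs, and whether that workflow combines pull_request_target with one of the write scopes named. The sample workflow files it creates are constructed and abbreviated; the action's tag naming (with or without a leading v) and the caller's workflow layout are assumptions.

```shell
#!/bin/sh
# Audit workflow files for the affected action and for the trigger/permission
# combinations the advisory names. Sample workflows below are constructed, not real.
# Refs (the part after '@') of every 'uses: espressif/shared-github-dangerjs@<ref>' in a file.
action_refs() {
  grep -Eo 'espressif/shared-github-dangerjs@[A-Za-z0-9._/-]+' "$1" | sed 's/.*@//'
}
# vulnerable: 1.0.0 or any 0.x tag (fixed in 1.0.1); fixed: any later version tag;
# unknown: a branch or commit ref, which cannot be judged without resolving it.
classify_ref() {
  case "${1#v}" in
    0|0.*|1.0.0|1.0.0-*)     echo vulnerable ;;
    [0-9]*.[0-9]*.[0-9]*)    echo fixed ;;
    *)                       echo unknown ;;
  esac
}
uses_pr_target() { grep -q 'pull_request_target' "$1"; }
has_write_perms() {
  grep -Eq 'pull-requests:[[:space:]]*write|contents:[[:space:]]*write|permissions:[[:space:]]*write-all' "$1"
}
# high: pull_request_target plus a write scope; medium: pull_request_target only; low: neither.
exposure() {
  if uses_pr_target "$1" && has_write_perms "$1"; then echo high
  elif uses_pr_target "$1"; then echo medium
  else echo low; fi
}
# Exit 0 when the file pins a vulnerable tag of the action.
needs_update() {
  for ref in $(action_refs "$1"); do
    [ "$(classify_ref "$ref")" = vulnerable ] && return 0
  done
  return 1
}
# One finding line per use of the action in the file.
audit_file() {
  for ref in $(action_refs "$1"); do
    echo "$1 @$ref: $(classify_ref "$ref"), exposure=$(exposure "$1")"
  done
}
# Two abbreviated, constructed workflow files so the script runs offline.
make_samples() {
  d=$(mktemp -d)
  printf 'on: [pull_request_target]\npermissions:\n  pull-requests: write\nsteps:\n  - uses: espressif/shared-github-dangerjs@v1.0.0\n' > "$d/old.yml"
  printf 'on: [pull_request]\npermissions:\n  contents: read\nsteps:\n  - uses: espressif/shared-github-dangerjs@v1.0.1\n' > "$d/new.yml"
  echo "$d"
}
samples=$(make_samples)
for f in "$samples"/*.yml; do audit_file "$f"; done
```

To run it against a real repository, replace the sample loop with `for f in .github/workflows/*.yml; do audit_file "$f"; done`; refs reported as unknown (branches or commit SHAs) need to be resolved by hand.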


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows malicious code from forked pull requests to execute within the action container, potentially enabling attackers to manipulate pull requests, comments, or gain full authenticated write access to the repository if the workflow permissions are broad.

Such unauthorized access and manipulation could lead to exposure or alteration of sensitive data, which may impact compliance with data protection standards and regulations like GDPR or HIPAA, especially if the repository contains regulated data or code that handles such data.

To mitigate these risks and maintain compliance, it is recommended to update to version 1.0.1 or later, which fixes the vulnerability, and to audit and minimize workflow permissions to reduce potential impact.


Can you explain this vulnerability to me?

CVE-2026-44358 is a security vulnerability in the Espressif Shared GitHub DangerJS GitHub Action versions 1.0.0 and earlier. The issue arises because the action's entrypoint script invokes DangerJS from the caller's workspace after copying the forked repository's checkout into it. This creates an untrusted search path for both binary and Node.js module resolution.

As a result, a malicious fork pull request processed by a pull_request_target workflow could execute attacker-supplied code inside the action container instead of the intended action code. This happens because the script allows arbitrary code execution by resolving binaries and modules from untrusted locations.

The vulnerability is categorized under CWE-427 (Uncontrolled Search Path Element) and CWE-829 (Inclusion of Functionality from Untrusted Control Sphere). It was fixed in version 1.0.1 by removing untrusted content from the module-resolution path and using an absolute path to invoke the action's own DangerJS binary.


How can this vulnerability impact me?

The impact of this vulnerability depends on the permissions granted to the calling workflow. If the workflow has limited permissions, an attacker exploiting this vulnerability could gain read access to the repository.

However, if the workflow has broader permissions such as `pull-requests: write`, `contents: write`, or `permissions: write-all`, the attacker could manipulate pull requests, comments, or even gain full authenticated write access to the repository.

The attacker only needs network access to submit a fork pull request and does not require any repository privileges to exploit this vulnerability.

To mitigate the impact, users should update to version 1.0.1 or later and audit their workflows to minimize permissions.

