CVE-2026-45131
Privileged Code Execution in CloudPirates Open Source Helm Charts
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cloudpirates | helm_charts | to fcf9302 (exc) |
| cloudpirates | open_source_helm_charts | to fcf9302 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthorized access to sensitive repository secrets, including Docker Hub credentials and tokens, through execution of attacker-controlled code in a privileged context without maintainer approval.
Such unauthorized access and potential exfiltration of secrets can lead to supply chain compromises and unauthorized repository modifications, which may violate security requirements mandated by standards like GDPR and HIPAA that require protection of sensitive data and secure handling of credentials.
Therefore, this vulnerability poses a significant risk to compliance with these regulations by potentially exposing sensitive information and undermining the integrity and confidentiality controls required.
Can you explain this vulnerability to me?
The vulnerability exists in a GitHub Actions workflow named pull-request.yaml in the CloudPirates Open Source Helm Charts repository. This workflow uses the pull_request_target event, which runs with the privileges of the base repository and has access to sensitive secrets such as Docker Hub credentials and tokens.
Because the workflow checks out code from forked pull requests and executes scripts from the forked workspace without requiring maintainer approval, an attacker can create a fork, modify the script to exfiltrate secrets, and open a pull request. When the workflow runs, it will leak these secrets automatically.
This issue is classified as CWE-94 (Improper Control of Generation of Code or Code Injection) and was patched by changing how the workflow handles fork pull requests.
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized access to sensitive repository secrets, including Docker Hub credentials and tokens.
An attacker could execute arbitrary code in a privileged continuous integration environment, potentially publishing malicious container images or compromising the software supply chain.
It may also allow unauthorized modifications to the repository, which can undermine the integrity and security of the project.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a GitHub Actions workflow (pull-request.yaml) that executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets. Detection involves reviewing your GitHub Actions workflows for usage of the pull_request_target event that runs untrusted code with access to secrets.
Specifically, check if your workflows use the pull_request_target event to run code from forks without requiring maintainer approval, and if they access sensitive secrets like Docker Hub credentials.
You can detect suspicious activity by auditing recent workflow runs for unexpected executions or secret exposures.
- Use GitHub CLI to list recent workflow runs: `gh run list --repo owner/repo`
- Inspect workflow run logs for the pull-request.yaml workflow: `gh run view <run-id> --log`
- Review your workflow YAML files for usage of `pull_request_target` event and check if secrets are accessed without approval.
- Search for suspicious scripts or commands in the forked pull requests that could exfiltrate secrets.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding running untrusted fork code in workflows triggered by the pull_request_target event with access to secrets.
Specifically, you should:
- Remove or modify workflows that use the pull_request_target event to run code from forks with secrets.
- Add environment protection rules requiring manual approval or required reviewers before secrets are accessible.
- Run untrusted code in the pull_request event context, which does not have access to secrets.
- Move privileged steps that require secrets to a workflow_run event that triggers only after approval.
Applying the patch from commit fcf9302 that addresses this issue is also critical.