CVE-2026-47174
Status: Deferred - Pending Action

Duck Site Workflow Abuse Leads to Unauthorized Deployment

Vulnerability report for CVE-2026-47174, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-11

Last updated on: 2026-06-11

Assigner: GitHub, Inc.

Description

In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull requests, while the deploy workflow runs with package-write permissions and deployment secrets. If an attacker can make a pull request build satisfy the deploy workflow’s main branch condition, the deploy job checks out the triggering workflow commit, builds it into a Docker image, pushes it as latest, and triggers Dokploy deployment. This can allow attacker-controlled pull request code to become the deployed production site image without being merged. This issue has been patched in version 1.0.1.


Meta Information

Published: 2026-06-11
Last Modified: 2026-06-11
Generated: 2026-07-02
AI Q&A: 2026-06-12
EPSS Evaluated: 2026-06-30
External references: NVD, EUVD

Affected Vendors & Products

One associated CPE:

Vendor              Product    Version / Range
duck_organization   duck_site  1.0.1

Exploitability

CWE-829: The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.


AI Quick Actions
Executive Summary

CVE-2026-47174 is a critical vulnerability in the Duck Site repository's CI/CD pipeline. The issue arises because the deploy workflow runs with elevated permissions and deployment secrets, and it mistakenly allows untrusted pull request code to trigger a production deployment. Specifically, if an attacker creates a pull request from a branch named "main," the deploy workflow treats it as the main branch and builds and deploys the attacker-controlled code as the production site image without requiring the code to be merged.

This flaw is due to the deploy workflow checking out the triggering workflow commit from the pull request instead of the trusted main branch, enabling an attacker to bypass normal code review and merge processes.

Impact Analysis

This vulnerability can have severe impacts including allowing attackers to deploy malicious code directly to the production environment. Potential consequences include supply-chain compromise, website defacement, injection of malicious JavaScript, phishing attacks, and poisoning of container images.

Because the attacker-controlled code can run with high privileges and deployment secrets, it threatens the confidentiality, integrity, and availability of the production site.

Detection Guidance

This vulnerability arises from a GitHub Actions workflow misconfiguration where the deploy workflow runs with elevated permissions and can be triggered by pull requests from branches named "main". To detect this vulnerability, you should inspect your GitHub repository's workflows, specifically the deploy workflow, to see if it runs with package-write permissions and deployment secrets and if it triggers on pull requests with branch name conditions that can be bypassed.

There are no specific network or system commands provided to detect this vulnerability directly. Instead, detection involves reviewing your GitHub Actions workflow YAML files for the described misconfiguration.

Suggested steps include:

  • Check the deploy workflow YAML file in the .github/workflows directory for conditions that allow pull request builds to trigger deploy jobs.
  • Look for usage of package-write permissions and deployment secrets in the deploy workflow.
  • Verify if the deploy workflow checks out the triggering workflow commit instead of the main branch.

Example command to review the deploy workflow file:

  • cat .github/workflows/deploy.yml

No direct network or system commands are provided in the resources to detect exploitation or presence of this vulnerability.

Mitigation Strategies

The immediate mitigation step is to upgrade Duck Site to version 1.0.1 or later, where this vulnerability has been patched.

Additionally, review and modify your GitHub Actions workflows to ensure that deploy workflows do not run with elevated permissions on untrusted pull requests and that deployment secrets are not exposed to pull request workflows.

Specifically:

  • Restrict deploy workflow triggers to only trusted branches, such as the main branch, and avoid triggering deploy jobs from pull requests.
  • Avoid using package-write permissions and deployment secrets in workflows triggered by pull requests.
  • Ensure the deploy workflow checks out the trusted main branch commit rather than the pull request commit.
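As an added example (not code from the Duck Site project or from this advisory), the following Python audit implements the three detection checks listed above and contrasts the workflow shape the description attributes to Duck Site with the mitigated shape recommended here. The two deploy workflows and the build workflow are constructed and simplified: they stand for what a YAML parser would return for the files under .github/workflows, and the ghcr.io image name, the DOKPLOY_* secret names, the curl call and the actions/checkout step are assumptions, not the project's real files.

```python
from __future__ import annotations

import re
from typing import Any, Iterator

# Constructed, simplified workflows in the dict form a YAML parser returns for
# .github/workflows/*.yml. They mirror the pattern in the advisory; the image
# name, secret names and step details are assumptions, not Duck Site's files.
BUILD_WORKFLOW = {
    "name": "build",
    # Runs for every pull request, including ones opened from forks.
    "on": {"pull_request": {}, "push": {"branches": ["main"]}},
    "jobs": {"build": {"runs-on": "ubuntu-latest",
                       "steps": [{"uses": "actions/checkout@v4"},
                                 {"run": "npm ci && npm run build"}]}},
}

DEPLOY_STEPS_AFTER_CHECKOUT = [
    {"run": "docker build -t ghcr.io/example-org/site:latest . "
            "&& docker push ghcr.io/example-org/site:latest"},
    {"run": 'curl -fsS -X POST "$DOKPLOY_URL" -H "Authorization: Bearer $DOKPLOY_TOKEN"',
     "env": {"DOKPLOY_URL": "${{ secrets.DOKPLOY_URL }}",
             "DOKPLOY_TOKEN": "${{ secrets.DOKPLOY_TOKEN }}"}},
]

VULNERABLE_DEPLOY = {
    "name": "deploy",
    # Chained off the build workflow, so it also fires for pull-request builds.
    "on": {"workflow_run": {"workflows": ["build"], "types": ["completed"]}},
    "permissions": {"contents": "read", "packages": "write"},
    "jobs": {"deploy": {
        "runs-on": "ubuntu-latest",
        # head_branch is the PR's own branch name; a PR branch named "main" passes.
        "if": "${{ github.event.workflow_run.conclusion == 'success' && "
              "github.event.workflow_run.head_branch == 'main' }}",
        "steps": [{"uses": "actions/checkout@v4",
                   # Checks out the triggering (pull-request) commit, not the main tip.
                   "with": {"ref": "${{ github.event.workflow_run.head_sha }}"}}]
                 + DEPLOY_STEPS_AFTER_CHECKOUT,
    }},
}

HARDENED_DEPLOY = {
    "name": "deploy",
    # Only a push to main (i.e. a merged change) can start a deployment.
    "on": {"push": {"branches": ["main"]}},
    "permissions": {"contents": "read", "packages": "write"},
    "jobs": {"deploy": {
        "runs-on": "ubuntu-latest",
        # No explicit ref: checkout defaults to the pushed main commit.
        "steps": [{"uses": "actions/checkout@v4"}] + DEPLOY_STEPS_AFTER_CHECKOUT,
    }},
}

SECRET_REF = re.compile(r"secrets\.([A-Za-z_][A-Za-z0-9_]*)")


def _strings(node: Any) -> Iterator[str]:
    """Yield every string nested anywhere in a parsed workflow."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from _strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from _strings(value)


def audit_deploy_workflow(deploy: dict, upstream: dict | None = None) -> list[str]:
    """Return findings for the workflow_run deploy pattern; an empty list means the check is silent."""
    findings: list[str] = []
    triggers = deploy.get("on") or {}
    if not isinstance(triggers, dict) or "workflow_run" not in triggers:
        return findings  # not chained off another workflow; this check has nothing to say

    upstream_triggers = (upstream or {}).get("on") or {}
    if isinstance(upstream_triggers, dict) and {"pull_request", "pull_request_target"} & set(upstream_triggers):
        findings.append("upstream workflow runs on pull requests, so workflow_run fires for PR commits")

    for job_name, job in (deploy.get("jobs") or {}).items():
        condition = str(job.get("if", ""))
        if "workflow_run.head_branch" in condition and "head_repository" not in condition:
            findings.append(f"job '{job_name}' gates on head_branch alone; a PR branch named 'main' passes")
        for step in job.get("steps") or []:
            ref = str((step.get("with") or {}).get("ref", ""))
            if "workflow_run.head_sha" in ref or "workflow_run.head_branch" in ref:
                findings.append(f"job '{job_name}' checks out the triggering commit via {ref}")

    permissions = deploy.get("permissions") or {}
    if isinstance(permissions, dict) and permissions.get("packages") == "write":
        findings.append("packages: write lets the run overwrite the image tag that production pulls")

    secrets = sorted({name for text in _strings(deploy) for name in SECRET_REF.findall(text)})
    if secrets:
        findings.append("deployment secrets exposed to the run: " + ", ".join(secrets))
    return findings


if __name__ == "__main__":
    for label, workflow in (("vulnerable", VULNERABLE_DEPLOY), ("hardened", HARDENED_DEPLOY)):
        print(f"{label}: {audit_deploy_workflow(workflow, BUILD_WORKFLOW) or ['no findings']}")
```

The checker reports package-write permissions and secret references only when the workflow is chained via workflow_run, because that combination is what turns an unmerged pull-request commit into a privileged deployment; the hardened variant keeps both but can only be started by a push to main, so it produces no findings. Treating a job condition that also inspects head_repository as out of scope is a simplification of this example, not something the advisory states.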

Compliance Impact

This vulnerability allows attacker-controlled code to be deployed to production without merge approval, leading to potential supply-chain compromise including defacement, malicious JavaScript injection, phishing attacks, or container image poisoning.

Such unauthorized code execution and potential data manipulation can severely impact the confidentiality, integrity, and availability of the system, which are core principles in standards like GDPR and HIPAA.

Therefore, exploitation of this vulnerability could lead to non-compliance with regulations that require protection of sensitive data and secure software deployment processes.
