actions Latest High & Critical Vulnerabilities

Latest High & Critical vulnerabilities published by actions

JSON RSS CSV 🔔 Create Alert Trigger

26 July 2025

Arbitrary Command Execution Vulnerability in tj-actions/branch-names GitHub Action
CVE-2025-54416
Tj-actionsBranch-names9.1CRITICAL

5 May 2025

Access Control Flaw in Shiro-Action Affects Sensitive Information Exposure
CVE-2025-45613
Shiro-ActionShiro-Action7.5HIGH

15 March 2025

Remote Code Execution Vulnerability in tj-actions changed-files by GitHub
CVE-2025-30066
Tj-actionsChanged-files📈👾EPSS 91%🦅8.6HIGH

2 September 2024

Arbitrary File Write Vulnerability in GitHub Actions
CVE-2024-42471
ActionsToolkit👾🟡7.3HIGH

29 December 2023

GitHub Action tj-actions/verify-changed-files is vulnerable to command injection in output filenames
CVE-2023-52137
tj-actionsverify-changed-files7.7HIGH

27 December 2023

tj-actions/changed-files command injection in output filenames
CVE-2023-51664
tj-actionschanged-files7.3HIGH

5 December 2023

Improper Sanitization of Branch Name Leads to Arbitrary Code Injection
CVE-2023-49291
tj-actionsbranch-names9.8CRITICAL

25 October 2022

GitHub Actions Runner vulnerable to Docker Command Escaping
CVE-2022-39321
ActionsRunner8.8HIGH