Code Execution Vulnerability in CloudPirates Open Source Helm Charts
CVE-2026-45131

10CRITICAL

Key Information:

Vendor

Cloudpirates-io

Status
Helm-charts
Vendor
CVE Published:
1 June 2026

What is CVE-2026-45131?

The CloudPirates Open Source Helm Charts vulnerability allows an attacker to execute arbitrary code due to a flaw in a GitHub Actions workflow. This occurs when forked pull requests run unchecked in a privileged context, leading to the exposure of sensitive repository secrets, including Docker Hub credentials and tokens. This vulnerability has been addressed in commit fcf9302.

Affected Version(s)

helm-charts < fcf930211604652aec15085895b6457bc8b73b54

References

https://github.com/CloudPirates-io/helm-charts/security/a...
x_refsource_CONFIRM
https://github.com/CloudPirates-io/helm-charts/commit/fcf...
x_refsource_MISC

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.