CVE-2026-12567
CVSS 2.2 (Low)
Exploitation Probability (EPSS): Low risk, 1st percentile (higher than 1% of all known CVEs)
Summary
The github_workflows module constructs local directory paths from user-controlled repository names without validating for symlinks. A local attacker can plant a symlink at the predictable output path, causing workflow data to be written to an attacker-chosen location.
Risk Assessment
An attacker can manipulate workflow data, potentially leading to information leakage or data loss. This type of vulnerability can affect the integrity and confidentiality of processes within the organization.
Recommendation
It is recommended to implement path validation in the github_workflows module to prevent the exploitation of symlinks by local attackers. Access to scan directories should also be restricted to trusted users.
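As an added, defender-side illustration of the recommended path validation (this is not code from the affected github_workflows module or its project): build the per-repository output path only from a validated owner/repo name, then open every directory component and the output file relative to the scan directory with O_NOFOLLOW so a pre-planted symlink is refused rather than followed. The function names, the "owner/repo" naming rule and the constructed temporary directories are assumptions for the example; it is POSIX-only because it relies on dir_fd and O_NOFOLLOW.

```python
import errno
import os
import re
import stat
import tempfile

# Assumed naming rule: a GitHub-style "owner/repo" whose parts are plain
# identifiers. Rejecting "..", absolute paths and extra separators up front
# means the repository name can never steer the path out of the scan directory.
_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.-]{0,99}$")


class UnsafePathError(Exception):
    """Raised when the output path is malformed or a symlink sits on it."""


def validate_repo_name(repo_name):
    """Split 'owner/repo' into its two components, rejecting anything else."""
    parts = repo_name.split("/")
    if len(parts) != 2 or not all(_NAME_RE.match(p) for p in parts):
        raise UnsafePathError(f"rejecting repository name {repo_name!r}")
    return parts[0], parts[1]


def _is_symlink(name, dir_fd):
    """lstat `name` relative to dir_fd; a missing entry is simply not a symlink."""
    try:
        return stat.S_ISLNK(os.lstat(name, dir_fd=dir_fd).st_mode)
    except FileNotFoundError:
        return False


def _open_subdir_nofollow(name, dir_fd):
    """Create (if needed) and open `name` below dir_fd, refusing symlinks.

    The lstat gives a clear diagnostic; O_NOFOLLOW is what actually defends
    against a symlink swapped in between the check and the open.
    """
    try:
        os.mkdir(name, 0o700, dir_fd=dir_fd)
    except FileExistsError:
        pass
    if _is_symlink(name, dir_fd):
        raise UnsafePathError(f"symlink planted at output directory {name!r}")
    try:
        return os.open(name, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=dir_fd)
    except OSError as exc:
        if exc.errno in (errno.ELOOP, errno.ENOTDIR):
            raise UnsafePathError(f"refusing to follow {name!r}") from exc
        raise


def write_workflow_data(scan_dir, repo_name, filename, data):
    """Write `data` to <scan_dir>/<owner>/<repo>/<filename>; returns that path."""
    owner, repo = validate_repo_name(repo_name)
    if not _NAME_RE.match(filename):
        raise UnsafePathError(f"rejecting file name {filename!r}")
    fds = [os.open(scan_dir, os.O_RDONLY | os.O_DIRECTORY)]  # the scan root is trusted
    try:
        for component in (owner, repo):
            fds.append(_open_subdir_nofollow(component, fds[-1]))
        if _is_symlink(filename, fds[-1]):
            raise UnsafePathError(f"symlink planted at output file {filename!r}")
        flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
        try:
            out_fd = os.open(filename, flags, 0o600, dir_fd=fds[-1])
        except OSError as exc:
            if exc.errno == errno.ELOOP:
                raise UnsafePathError(f"refusing to follow {filename!r}") from exc
            raise
        with os.fdopen(out_fd, "wb") as fh:
            if not stat.S_ISREG(os.fstat(fh.fileno()).st_mode):
                raise UnsafePathError(f"{filename!r} is not a regular file")
            fh.write(data)
    finally:
        for fd in fds:
            os.close(fd)
    return os.path.join(scan_dir, owner, repo, filename)


def _blocked(scan_dir, repo_name, filename):
    """True if the write was refused with UnsafePathError."""
    try:
        write_workflow_data(scan_dir, repo_name, filename, b"workflow data")
    except UnsafePathError:
        return True
    return False


def demo():
    """Constructed scenario: one honest write, then pre-planted symlinks on the predictable path."""
    results = {}
    with tempfile.TemporaryDirectory() as scan_dir, tempfile.TemporaryDirectory() as elsewhere:
        expected = os.path.join(scan_dir, "octo-org", "widgets", "ci.yml")
        written = write_workflow_data(scan_dir, "octo-org/widgets", "ci.yml", b"name: ci\n")
        with open(written, "rb") as fh:
            results["honest_write_in_scan_dir"] = written == expected and fh.read() == b"name: ci\n"
        # A symlink where the owner directory will be created, pointing outside the scan dir.
        os.symlink(elsewhere, os.path.join(scan_dir, "evil-org"))
        results["dir_symlink_blocked"] = _blocked(scan_dir, "evil-org/repo", "ci.yml")
        # A symlink where the output file itself will be written.
        os.makedirs(os.path.join(scan_dir, "other-org", "repo"))
        os.symlink(os.path.join(elsewhere, "victim.txt"),
                   os.path.join(scan_dir, "other-org", "repo", "ci.yml"))
        results["file_symlink_blocked"] = _blocked(scan_dir, "other-org/repo", "ci.yml")
        results["nothing_written_elsewhere"] = os.listdir(elsewhere) == []
        results["traversal_name_rejected"] = _blocked(scan_dir, "../escape", "ci.yml")
    return results


if __name__ == "__main__":
    print(demo())
```

The name check does the cheap part (no traversal, no separators); the directory-by-directory open with dir_fd and O_NOFOLLOW does the part the advisory is about, since a symlink anywhere on the output path, not just at the final file, would otherwise redirect the write. Restricting who can write into the scan directory, as the recommendation says, removes the attacker's ability to plant the link in the first place.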
Original NVD description (English source)
The github_workflows module constructs local directory paths from user-controlled repository names without validating for symlinks. A local attacker sharing the scan directory can plant a symlink at the predictable output path, causing workflow data to be written to an attacker-chosen location.

