[GHSA-r79c-pqj3-577x] Super-linter is vulnerable to command injection via crafted filenames in Super-linter Action

advisories/github-reviewed/2026/02/GHSA-r79c-pqj3-577x/GHSA-r79c-pqj3-577x.json

@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r79c-pqj3-577x",
-  "modified": "2026-02-09T22:39:39Z",
+  "modified": "2026-02-09T22:39:41Z",
   "published": "2026-02-09T17:46:31Z",
   "aliases": [
     "CVE-2026-25761"
   ],
   "summary": "Super-linter is vulnerable to command injection via crafted filenames in Super-linter Action",
-  "details": "### Summary\n\nThe Super-linter GitHub Action is vulnerable to **command injection via crafted filenames**. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull request that introduces a file whose **name** contains shell command substitution syntax, such as `$(...)`. In affected Super-linter versions, runtime scripts may execute the embedded command during file discovery processing, enabling arbitrary command execution in the workflow runner context. This can be used to disclose the job’s `GITHUB_TOKEN` depending on how the workflow configures permissions.\n\n### Details\n\nThe issue appears originates in the logic that scans the repository for changed files to check.\n\n1. Use a workflow that runs Super-linter on `pull_request` events.\n2. Open a pull request that adds a new file with a crafted filename containing command substitution and an outbound request that includes `$GITHUB_TOKEN`.\n3. Run the workflow.  \n\n### Impact\n\n- **Arbitrary command execution** in the context of the workflow run that invokes Super-linter (triggered by attacker-controlled filenames in a PR).\n- **Credential exposure / misuse:** the injected command can read environment variables available to the action, including `GITHUB_TOKEN`.\n\nThe level of exposure depends on the source of the pull request.\n\nTo actively exploit the vulnerability, an attacker needs have the ability to run workflows without any [approval from the repository admin](https://docs.github.com/en/actions/how-tos/manage-workflow-runs/approve-runs-from-forks).\n\nAlso, the `GITHUB_TOKEN` needs to have unconstrained access to repository resources. Even in that case, for pull request coming from forked repositories, no secrets are passed to the forked repository when running workflows triggered by `pull_request` events, and the `GITHUB_TOKEN` drops and write permission on the source repository [source](https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflows-in-forked-repositories).\n\nFinally, although not specific to this vulnerability, we recommend auditing `workflow_call` and `pull_request_target` workflows because they can lead to compromise, regardless of whether you're using Super-linter, or not, as [explained by this GitHub Enterprise doc](https://docs.github.com/en/enterprise-cloud@latest/actions/reference/security/secure-use#mitigating-the-risks-of-untrusted-code-checkout).",
+  "details": "### Summary\n\nThe Super-linter GitHub Action is vulnerable to **command injection via crafted filenames**. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull request that introduces a file whose **name** contains shell command substitution syntax, such as `$(...)`. In affected Super-linter versions, runtime scripts may execute the embedded command during file discovery processing, enabling arbitrary command execution in the workflow runner context. This can be used to disclose the job’s `GITHUB_TOKEN` depending on how the workflow configures permissions.\n\n### Details\n\nThe issue appears originates in the logic that scans the repository for changed files to check.\n\n1. Use a workflow that runs Super-linter on `pull_request` events.\n2. Open a pull request that adds a new file with a crafted filename containing command substitution and an outbound request that includes `$GITHUB_TOKEN`.\n3. Run the workflow.  \n\n### Impact\n\n- **Arbitrary command execution** in the context of the workflow run that invokes Super-linter (triggered by attacker-controlled filenames in a PR).\n- **Credential exposure / misuse:** the injected command can read environment variables available to the action, including `GITHUB_TOKEN`.\n\nThe level of exposure depends on the source of the pull request.\n\nTo actively exploit the vulnerability, an attacker needs have the ability to run workflows without any [approval from the repository admin](https://docs.github.com/en/actions/how-tos/manage-workflow-runs/approve-runs-from-forks).\n\nAlso, the `GITHUB_TOKEN` needs to have unconstrained access to repository resources. Even in that case, for pull request coming from forked repositories, no secrets are passed to the forked repository when running workflows triggered by `pull_request` events, and the `GITHUB_TOKEN` drops and write permission on the source repository [source](https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflows-in-forked-repositories).\n\nFinally, although not specific to this vulnerability, we recommend auditing `workflow_call` and `pull_request_target` workflows because they can lead to compromise, regardless of whether you're using Super-linter, or not, as [explained by this GitHub Enterprise doc](https://docs.github.com/en/enterprise-cloud@latest/actions/reference/security/secure-use#mitigating-the-risks-of-untrusted-code-checkout).\nGitHub Super-linter Command Injection Vulnerability Analysis\nCVE-2026-25761 - Professional Security Assessment",
   "severity": [
     {
       "type": "CVSS_V3",