Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    Related vulnerabilities

    CVE-2026-27941 (GCVE-0-2026-27941)

    Vulnerability from cvelistv5 – Published: 2026-02-26 01:17 – Updated: 2026-02-26 15:54
    VLAI
    Title
    OpenLIT Vulnerable to Remote Code Execution and Secret Exposure via Misuse of `pull_request_target` in GitHub Actions Workflows
    Summary
    OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the `pull_request_target` event while checking out and executing untrusted code from forked pull requests. These workflows run with the security context of the base repository, including a write-privileged `GITHUB_TOKEN` and numerous sensitive secrets (API keys, database/vector store tokens, and a Google Cloud service account key). Version 1.37.1 contains a fix.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
    Assigner
    References
    Impacted products
    Vendor Product Version
    openlit openlit Affected: < 1.37.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-27941",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-26T15:52:53.788265Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:54:11.519Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "openlit",
              "vendor": "openlit",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.37.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT\u0027s GitHub repository use the `pull_request_target` event while checking out and executing untrusted code from forked pull requests. These workflows run with the security context of the base repository, including a write-privileged `GITHUB_TOKEN` and numerous sensitive secrets (API keys, database/vector store tokens, and a Google Cloud service account key). Version 1.37.1 contains a fix."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-829",
                  "description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-26T01:17:22.532Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/openlit/openlit/security/advisories/GHSA-9jgv-x8cq-296q",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/openlit/openlit/security/advisories/GHSA-9jgv-x8cq-296q"
            },
            {
              "name": "https://github.com/openlit/openlit/commit/4a62039a1659d6cbb8913172693f587b5fc2546c",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/openlit/openlit/commit/4a62039a1659d6cbb8913172693f587b5fc2546c"
            }
          ],
          "source": {
            "advisory": "GHSA-9jgv-x8cq-296q",
            "discovery": "UNKNOWN"
          },
          "title": "OpenLIT Vulnerable to Remote Code Execution and Secret Exposure via Misuse of `pull_request_target` in GitHub Actions Workflows"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-27941",
        "datePublished": "2026-02-26T01:17:22.532Z",
        "dateReserved": "2026-02-25T03:11:36.689Z",
        "dateUpdated": "2026-02-26T15:54:11.519Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    PYSEC-2026-2246

    Vulnerability from pysec - Published: 2026-02-26 02:16 - Updated: 2026-07-13 05:50
    VLAI
    Details

    OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the pull_request_target event while checking out and executing untrusted code from forked pull requests. These workflows run with the security context of the base repository, including a write-privileged GITHUB_TOKEN and numerous sensitive secrets (API keys, database/vector store tokens, and a Google Cloud service account key). Version 1.37.1 contains a fix.

    Impacted products
    Name purl
    openlit pkg:pypi/openlit

    {
      "affected": [
        {
          "ecosystem_specific": {},
          "package": {
            "ecosystem": "PyPI",
            "name": "openlit",
            "purl": "pkg:pypi/openlit"
          },
          "ranges": [
            {
              "events": [
                {
                  "introduced": "1.36.2"
                },
                {
                  "fixed": "1.37.1"
                }
              ],
              "type": "ECOSYSTEM"
            }
          ],
          "versions": [
            "1.36.2",
            "1.36.3",
            "1.36.6",
            "1.36.7",
            "1.36.8",
            "1.36.9",
            "1.37.0"
          ]
        }
      ],
      "aliases": [
        "CVE-2026-27941",
        "GHSA-9jgv-x8cq-296q"
      ],
      "details": "OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT\u0027s GitHub repository use the `pull_request_target` event while checking out and executing untrusted code from forked pull requests. These workflows run with the security context of the base repository, including a write-privileged `GITHUB_TOKEN` and numerous sensitive secrets (API keys, database/vector store tokens, and a Google Cloud service account key). Version 1.37.1 contains a fix.",
      "id": "PYSEC-2026-2246",
      "modified": "2026-07-13T05:50:35.439193Z",
      "published": "2026-02-26T02:16:22.160Z",
      "references": [
        {
          "type": "FIX",
          "url": "https://github.com/openlit/openlit/commit/4a62039a1659d6cbb8913172693f587b5fc2546c"
        },
        {
          "type": "EVIDENCE",
          "url": "https://github.com/openlit/openlit/security/advisories/GHSA-9jgv-x8cq-296q"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "type": "CVSS_V3"
        }
      ]
    }