Medium severity6.5OSV Advisory· Published Oct 16, 2025· Updated Apr 15, 2026

CVE-2025-60639

Description

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c (2025-05-26).

Affected products

Gsiegel14/Atlas EpicOSV

Patches

f29312cf782e

Fix GitHub Pages workflow to deploy from docs directory

https://github.com/gsiegel14/atlas-epicgsiegel14May 26, 2025via osv

commit

1 file changed · +2 −2

.github/workflows/static.yml+2 −2 modified

@@ -36,8 +36,8 @@ jobs:
       - name: Upload artifact
         uses: actions/upload-pages-artifact@v3
         with:
-          # Upload entire repository
-          path: '.'
+          # Upload docs directory only
+          path: './docs'
       - name: Deploy to GitHub Pages
         id: deployment
         uses: actions/deploy-pages@v4

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000