VYPR
Critical severity · CVSS 10.0 · NVD Advisory · Published Jun 1, 2026 · Updated Jun 1, 2026

CVE-2026-45131

Description

A GitHub Actions workflow in CloudPirates Helm Charts uses pull_request_target to execute untrusted fork code with repository secrets, enabling unauthorized secret exfiltration.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The pull-request.yaml GitHub Actions workflow in CloudPirates Open Source Helm Charts is vulnerable to secret exfiltration because it uses the pull_request_target trigger [1]. With this trigger, code from fork-controlled pull requests runs in the context of the base repository, so the workflow has access to sensitive repository secrets, including Docker Hub credentials and the GITHUB_TOKEN, without any maintainer approval [1].

Exploitation

An attacker can exploit this by forking the repository and modifying the test-charts.sh script to exfiltrate environment secrets [1]. Upon opening a pull request, the workflow automatically triggers, checks out the malicious fork-controlled code, and executes the compromised script in a privileged environment, allowing the attacker to capture credentials without any manual intervention or gating mechanism [1].

Impact

Successful exploitation allows an attacker to exfiltrate sensitive repository secrets, including REGISTRY_USER, REGISTRY_PASSWORD, and the GITHUB_TOKEN [1]. This compromise enables the attacker to execute arbitrary code in the CI environment, potentially leading to the publication of malicious container images, unauthorized repository modifications, and a supply chain compromise for downstream users [1].

Mitigation

The vulnerability has been addressed in commit fcf9302, which introduces an environment protection gate that requires manual approval for workflows triggered by external forks [1][2]. Users should ensure their workflows are updated to include these authorization checks or move privileged operations to a workflow_run event that executes only after maintainer review [1].
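To make the weak trigger and the fix concrete, here is an added example (written for this page, not taken from the CloudPirates repository or the advisory) showing the vulnerable job shape beside a hardened form that follows the same approach as commit fcf9302. The script name `test-charts.sh`, the environment name `external` and the secret names come from the advisory; the step contents and the action versions are assumed. The two YAML documents are separated with `---` so they can sit in one file here.

```yaml
# --- Weak pattern: pull_request_target runs fork code with base-repo secrets ---
on:
  pull_request_target:          # base-repository context: secrets and GITHUB_TOKEN are available
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # fork-controlled tree ...
      - run: ./test-charts.sh    # ... whose scripts now execute with the secrets below in scope
        env:
          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
---
# --- Hardened form (same shape as the fix): approval gate, pinned SHA, least privilege ---
on:
  pull_request_target:
    types: [opened, reopened]   # no 'synchronize': a push to an open PR does not start a new run
permissions:
  contents: read                # GITHUB_TOKEN is read-only for every job unless a job widens it
jobs:
  authorize:
    runs-on: ubuntu-latest
    # 'external' must exist in the repository settings with "Required reviewers" enabled.
    # An environment that is referenced but does not exist is created without protection rules,
    # in which case this job passes immediately and the gate is a no-op.
    environment: ${{ github.event.pull_request.head.repo.full_name != github.repository && 'external' || '' }}
    steps:
      - run: echo "fork PR approved by a maintainer, or PR comes from this repository"
  test:
    needs: authorize            # does not start until the gate job succeeded
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}  # the SHA fixed when the run was created, not head.ref
          persist-credentials: false                      # do not leave GITHUB_TOKEN in .git/config for scripts to read
      - run: ./test-charts.sh
        env:
          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
```

The gate works because a job with an `environment` that has required reviewers is held until a reviewer approves that specific run, and the run's event payload (including `head.sha`) is frozen at trigger time; pinning the checkout to `head.sha` rather than the branch name is what ties the approval to the code that actually executes.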

AI Insight generated on Jun 1, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 2
fcf930211604

Merge commit from fork

https://github.com/CloudPirates-io/helm-charts · Finn Rades · Apr 28, 2026 · via nvd-ref
2 files changed · +22 −2
  • .github/workflows/generate-schema.yaml (+12 −0, modified)
    @@ -2,6 +2,9 @@ name: "Generate values.schema.json"
     
     on:
       pull_request_target:
    +    types:
    +      - opened
    +      - reopened
         paths:
           - 'charts/**/values.yaml'
       workflow_dispatch:
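Review bot: restricting `types` to `opened` and `reopened` drops the default `synchronize` type, but nothing in the file says why. The effect is that each fork PR produces at most one gated run per open/reopen instead of one approval request per push, and that a values.yaml updated on an already-open PR will not regenerate the schema until the PR is closed and reopened. Add a comment above `types:` stating both halves of that trade-off so a later maintainer does not restore `synchronize` without understanding the gate.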
    @@ -21,7 +24,16 @@ concurrency:
       cancel-in-progress: true
     
     jobs:
    +  authorize:
    +    runs-on: ubuntu-latest
    +    environment: ${{ github.event_name == 'pull_request_target' &&
    +      github.event.pull_request.head.repo.full_name != github.repository &&
    +      'external' || '' }}
    +    steps:
    +      - run: true
    +
       generate-schema:
    +    needs: authorize
         runs-on: ubuntu-latest
         timeout-minutes: 15
         # Skip if the commit was made by github-actions bot to prevent infinite loops
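Review bot: the `authorize` job only protects anything if an environment named `external` exists in the repository settings with required reviewers configured; referencing an environment that does not exist creates it with no protection rules, in which case `run: true` succeeds immediately and `needs: authorize` gates nothing. That operational precondition is not visible in the workflow, so add a comment next to `environment:` naming it, and consider `run: echo "gate passed for ${{ github.event.pull_request.head.repo.full_name }}"` instead of `run: true` so the run log records which fork was approved.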
    
  • .github/workflows/pull-request.yaml (+10 −2, modified)
    @@ -4,7 +4,6 @@ on:
         types:
           - opened
           - reopened
    -      - synchronize
         branches:
           - main
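Review bot: removing `synchronize` changes behaviour for every contributor, not just forks: commits pushed to an open PR are no longer linted or tested until the PR is closed and reopened. That is a deliberate choice (one approval decision per open/reopen rather than a new gated run on each push), but it should be stated in a comment here, and the contributor docs should tell people to close/reopen to re-run checks.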
     
    @@ -13,7 +12,16 @@ concurrency:
       cancel-in-progress: true
     
     jobs:
    +  authorize:
    +    runs-on: ubuntu-latest
    +    environment: ${{ github.event_name == 'pull_request_target' &&
    +      github.event.pull_request.head.repo.full_name != github.repository &&
    +      'external' || '' }}
    +    steps:
    +      - run: true
    +
       lint-test:
    +    needs: authorize
         runs-on: ubuntu-latest
         timeout-minutes: 30
         permissions:
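Review bot: this `authorize` job is a byte-for-byte copy of the one added to generate-schema.yaml, so any future change to the condition has to be made in two places; a comment pointing at the twin, or a reusable workflow, would keep them from drifting. Separately, `lint-test` keeps its own `permissions:` block and still runs fork-controlled code after approval, so confirm that block grants no more than `contents: read`.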
    @@ -90,11 +98,11 @@ jobs:
               ct lint --target-branch ${{ github.event.repository.default_branch }} --validate-maintainers=false --additional-commands 'helm unittest {{ .Path }}'
     
       integration-test:
    +    needs: [authorize, lint-test]
         runs-on: ubuntu-latest
         timeout-minutes: 30
         permissions:
           contents: read
    -    needs: [lint-test]
         if: needs.lint-test.outputs.changed == 'true'
         steps:
           - name: Checkout pull request branch
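Review bot: `needs: [authorize, lint-test]` does make a rejected deployment skip this job (an `if:` without `always()` implicitly requires every need to succeed), but the approval is only as good as what the "Checkout pull request branch" step checks out, and that step's `ref` is outside this hunk. Verify it pins `ref: ${{ github.event.pull_request.head.sha }}`, which is fixed when the run is created, rather than `head.ref`; with a branch ref, a push made while the run waits for approval would replace the code the reviewer approved.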
    

Vulnerability mechanics

Root cause

"The GitHub Actions workflow executes untrusted code from fork pull requests in a privileged environment without requiring manual approval."

Attack vector

An attacker can submit a malicious pull request to the repository, which triggers the `pull_request_target` workflow [ref_id=1]. Because the workflow runs in a privileged context, the attacker-controlled code can access repository secrets, such as Docker Hub credentials and tokens [ref_id=1]. This occurs automatically without requiring maintainer approval [ref_id=1].

Affected code

The vulnerability exists within the GitHub Actions workflows defined in `.github/workflows/pull-request.yaml` and `.github/workflows/generate-schema.yaml` [patch_id=4328673].

What the fix does

The patch introduces an `authorize` job in both `.github/workflows/generate-schema.yaml` and `.github/workflows/pull-request.yaml` [patch_id=4328673]. This job uses a GitHub environment named 'external' to gate execution for pull requests originating from forks [patch_id=4328673]. By requiring subsequent jobs to depend on this `authorize` job, the maintainers ensure that sensitive workflows only execute after explicit approval [patch_id=4328673].
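The Mitigation section above also mentions the other standard fix: moving privileged steps to a `workflow_run` event so that fork code never runs with secrets. The following is an added illustration of that two-stage layout, written for this page and not taken from the CloudPirates repository. The script name `test-charts.sh` comes from the advisory; the workflow names, artifact names and action versions are assumed. The two YAML documents are separated with `---` so they can sit in one file here; in a repository they would be two files.

```yaml
# Stage 1: untrusted. Triggered by plain pull_request, so fork code runs in the fork's
# context: no repository secrets, and a read-only GITHUB_TOKEN.
name: "PR checks (untrusted)"
on:
  pull_request:
permissions:
  contents: read
jobs:
  lint-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4                  # merge commit of the PR; nothing sensitive in scope
      - run: ./test-charts.sh > results.txt
      - run: echo "${{ github.event.pull_request.number }}" > pr-number.txt
      - uses: actions/upload-artifact@v4
        with:
          name: pr-results
          path: |
            results.txt
            pr-number.txt
---
# Stage 2: privileged. Runs when stage 1 completes, using the workflow file and code from the
# default branch, so the fork cannot influence what executes here. Only this stage sees secrets.
name: "PR checks (privileged)"
on:
  workflow_run:
    workflows: ["PR checks (untrusted)"]
    types: [completed]
permissions:
  contents: read
  pull-requests: write                             # only what posting a result comment needs
jobs:
  report:
    if: github.event.workflow_run.conclusion == 'success'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4                  # default ref here is the default branch, not the fork
      - uses: actions/download-artifact@v4
        with:
          name: pr-results
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ secrets.GITHUB_TOKEN }}
      - run: |
          # The artifact was produced by untrusted code: validate it before using it anywhere.
          pr=$(tr -dc '0-9' < pr-number.txt)
          test -n "$pr" || { echo "artifact did not contain a numeric PR number"; exit 1; }
          echo "would report results for PR #$pr; secrets are available only in this stage"
```

The important property is that stage 2 never checks out or executes anything from the fork: it consumes stage 1's output as data, and that data is treated as untrusted input (here, the PR number is reduced to digits and checked) before it is used with any credential.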

Preconditions

  • Input: The attacker must be able to submit a pull request from a fork to the repository.

Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 2
