Critical severity10.0NVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026
CVE-2026-45131
CVE-2026-45131
Description
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (pull-request.yaml) executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub credentials and tokens without requiring maintainer approval. This issue has been patched via commit fcf9302.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <commit fcf9302
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.