VYPR

CLI

by GitHub

CVEs (2)

  • CVE-2026-48501HigMay 29, 2026
    risk 0.41cvss 7.4epss 0.00

    GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh release verify-asset commands. The CLI uses a shared HTTP…

  • CVE-2026-45803LowMay 15, 2026
    risk 0.16cvss 3.5epss 0.00

    `gh` is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view…