VYPR

Skim

by Skim Rs

Source repositories

CVEs (1)

  • CVE-2026-41414HigApr 24, 2026
    risk 0.41cvss 7.4epss 0.00

    Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIM_RS_BOT_PRIVATE_KEY and GITHUB_TOKEN (contents:write). No gates…