{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40316", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-10T21:41:54.505Z", "datePublished": "2026-04-15T22:49:18.636Z", "dateUpdated": "2026-04-15T22:49:18.636Z"}, "containers": {"cna": {"title": "OWASP BLT has RCE in Github Actions via untrusted Django model execution in workflow", "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "lang": "en", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-95", "lang": "en", "description": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/OWASP-BLT/BLT/security/advisories/GHSA-wxm3-64fx-cmx9", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OWASP-BLT/BLT/security/advisories/GHSA-wxm3-64fx-cmx9"}], "affected": [{"vendor": "OWASP-BLT", "product": "BLT", "versions": [{"version": "<= 2.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-15T22:49:18.636Z"}, "descriptions": [{"lang": "en", "value": "OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workflows/regenerate-migrations.yml workflow. The workflow uses the pull_request_target trigger to run with full GITHUB_TOKEN write permissions, copies attacker-controlled files from untrusted pull requests into the trusted runner workspace via git show, and then executes python manage.py makemigrations, which imports Django model modules including attacker-controlled website/models.py at runtime. Any module-level Python code in the attacker's models.py is executed during import, enabling arbitrary code execution in the privileged CI environment with access to GITHUB_TOKEN and repository secrets. The attack is triggerable by any external contributor who can open a pull request, provided a maintainer applies the regenerate-migrations label, potentially leading to secret exfiltration, repository compromise, and supply chain attacks. A patch for this issue is expected to be released in version 2.1.1."}], "source": {"advisory": "GHSA-wxm3-64fx-cmx9", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workflows/regenerate-migrations.yml workflow. The workflow uses the pull_request_target trigger to run with full GITHUB_TOKEN write permissions, copies attacker-controlled files from untrusted pull requests into the trusted runner workspace via git show, and then executes python manage.py makemigrations, which imports Django model modules including attacker-controlled website/models.py at runtime. Any module-level Python code in the attacker's models.py is executed during import, enabling arbitrary code execution in the privileged CI environment with access to GITHUB_TOKEN and repository secrets. The attack is triggerable by any external contributor who can open a pull request, provided a maintainer applies the regenerate-migrations label, potentially leading to secret exfiltration, repository compromise, and supply chain attacks. A patch for this issue is expected to be released in version 2.1.1."}], "id": "CVE-2026-40316", "lastModified": "2026-04-15T23:16:10.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-15T23:16:10.220", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/OWASP-BLT/BLT/security/advisories/GHSA-wxm3-64fx-cmx9"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}, {"lang": "en", "value": "CWE-95"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-16T02:16:05.364992+00:00", "value": {"mitigation_remediation": ["Upgrade the OWASP BLT instance to version 2.1.1 or later once the vendor releases the fix.", "If the patch is not yet released, temporarily disable or delete the .github/workflows/regenerate-migrations.yml workflow until a correct version arrives, or modify it to remove the pull_request_target trigger and prevent execution of untrusted code.", "Ensure that the GITHUB_TOKEN used by the workflow has only the minimal permissions required, or replace it with a custom token scoped to read\u2011only access during the migration step."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "This flaw affects all instances of the OWASP BLT platform running versions earlier than 2.1.1. The product is identified by the vendor OWASP\u2011BLT:BLT and the vulnerable workflow exists in the public GitHub repository that hosts the project", "description_and_impact": "The vulnerability in the OWASP BLT workflow permits attacker-supplied Python code to run when a pull request is processed. The workflow, defined in .github/workflows/regenerate-migrations.yml, pulls the submitter\u2019s site models file into the trusted runner environment and runs Django\u2019s makemigrations command. During import of models.py any top-level statements are evaluated, allowing the attacker to execute arbitrary code with the full privileges of the CI job. This code runs under a user token that has write access to the repository and all repository secrets, enabling secret exfiltration, repository tampering, or supply\u2011chain injection.", "risk_and_exploitability": "The CVSS score of 8.8 indicates a high severity level. The EPSS value is unavailable, but the vulnerability is known to the community and is not listed in the CISA Known Exploit Vulnerabilities catalog. Remote code execution is achieved only when a maintainer applies the regenerate\u2011migrations label to the pull request. Therefore the attack vector requires an external contributor to open a pull request and a maintainer to apply the label, after which the attacker can run code in the privileged CI environment."}}}}, "created": "2026-04-16T02:30:21.674503+00:00", "updated": "2026-04-16T02:30:21.674534+00:00", "vendors": []}