CVE-2026-35580

Emissary has GitHub Actions Shell Injection via Workflow Inputs

CVSS 9.1 CRITICALEPSS 0.6%CWE-77

Vexday Risk Score

28Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 9.1EPSS 0.6%KEV nãoPoC —Patch —

Lifecycle

07 Apr 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, GitHub Actions workflow files contained shell injection points where user-controlled workflow_dispatch inputs were interpolated directly into shell commands via ${{ }} expression syntax. An attacker with repository write access could inject arbitrary shell commands, leading to repository poisoning and supply chain compromise affecting all downstream users. This vulnerability is fixed in 8.39.0.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected products

NationalSecurityAgency · emissary

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/NationalSecurityAgency/emissary/pull/1286 https://github.com/NationalSecurityAgency/emissary/pull/1288 https://github.com/NationalSecurityAgency/emissary/security/advisories/GHSA-3g6g-gq4r-xjm9