pipeguard-cli 0.1.0__py3-none-any.whl

pipeguard/__init__.py

@@ -0,0 +1,5 @@
+"""PipeGuard — Pre-commit security scanner for GitHub Actions workflows."""
+
+from pipeguard._version import __version__
+
+__all__ = ["__version__"]

pipeguard/_version.py

@@ -0,0 +1,34 @@
+# file generated by setuptools-scm
+# don't change, don't track in version control
+
+__all__ = [
+    "__version__",
+    "__version_tuple__",
+    "version",
+    "version_tuple",
+    "__commit_id__",
+    "commit_id",
+]
+
+TYPE_CHECKING = False
+if TYPE_CHECKING:
+    from typing import Tuple
+    from typing import Union
+
+    VERSION_TUPLE = Tuple[Union[int, str], ...]
+    COMMIT_ID = Union[str, None]
+else:
+    VERSION_TUPLE = object
+    COMMIT_ID = object
+
+version: str
+__version__: str
+__version_tuple__: VERSION_TUPLE
+version_tuple: VERSION_TUPLE
+commit_id: COMMIT_ID
+__commit_id__: COMMIT_ID
+
+__version__ = version = '0.1.0'
+__version_tuple__ = version_tuple = (0, 1, 0)
+
+__commit_id__ = commit_id = None

pipeguard/cli.py

@@ -0,0 +1,92 @@
+"""Entry point: pipeguard scan"""
+
+from __future__ import annotations
+
+import sys
+from pathlib import Path
+
+import click
+
+from pipeguard import __version__
+from pipeguard.output.formatter import Formatter, OutputFormat
+from pipeguard.scanner.base import Finding
+from pipeguard.scanner.github_actions.action_inventory import check_action_inventory
+from pipeguard.scanner.github_actions.actionlint_runner import run_actionlint
+from pipeguard.scanner.github_actions.cve_check import check_cve
+from pipeguard.scanner.github_actions.permissions import check_permissions
+from pipeguard.scanner.github_actions.pull_request_target import check_pull_request_target
+from pipeguard.scanner.github_actions.secrets_flow import check_secrets_flow
+from pipeguard.scanner.github_actions.sha_pinning import check_sha_pinning
+from pipeguard.scanner.github_actions.supply_chain import check_supply_chain
+
+_WORKFLOW_GLOB = ("*.yml", "*.yaml")
+
+
+def _collect_workflows(path: str) -> list[Path]:
+    """Return workflow files from a file path or directory."""
+    p = Path(path)
+    if p.is_file():
+        return [p]
+    files: list[Path] = []
+    for pattern in _WORKFLOW_GLOB:
+        files.extend(sorted(p.rglob(pattern)))
+    return files
+
+
+def _scan_file(workflow: Path) -> list[Finding]:
+    findings: list[Finding] = []
+    findings += run_actionlint(str(workflow))
+    findings += check_sha_pinning(str(workflow))
+    findings += check_secrets_flow(str(workflow))
+    findings += check_supply_chain(str(workflow))
+    findings += check_permissions(str(workflow))
+    findings += check_pull_request_target(str(workflow))
+    findings += check_cve(str(workflow))
+    findings += check_action_inventory(str(workflow))
+    return findings
+
+
+@click.group()
+@click.version_option(__version__, prog_name="pipeguard")
+def main() -> None:
+    """PipeGuard — catch GitHub Actions security issues before they reach your runners."""
+
+
+@main.command()
+@click.argument("path", default=".github/workflows", type=click.Path(exists=True))
+@click.option(
+    "--format",
+    "output_format",
+    type=click.Choice(["terminal", "json", "sarif"]),
+    default="terminal",
+    show_default=True,
+    help="Output format.",
+)
+@click.option("--fix", is_flag=True, help="Generate auto-fix suggestions.")
+def scan(path: str, output_format: str, fix: bool) -> None:
+    """Scan a workflow FILE or DIRECTORY (default: .github/workflows)."""
+    workflows = _collect_workflows(path)
+
+    if not workflows:
+        click.echo(f"[pipeguard] No workflow files found in '{path}'.", err=True)
+        sys.exit(0)
+
+    fmt = Formatter(OutputFormat(output_format))
+    all_findings: list[Finding] = []
+
+    for workflow in workflows:
+        findings = _scan_file(workflow)
+        all_findings.extend(findings)
+        fmt.render(findings, str(workflow))
+
+    if len(workflows) > 1:
+        errors = sum(1 for f in all_findings if f.severity == "error")
+        warnings = sum(1 for f in all_findings if f.severity == "warning")
+        infos = sum(1 for f in all_findings if f.severity == "info")
+        click.echo(
+            f"\nScanned {len(workflows)} file(s) — "
+            f"{errors} error(s), {warnings} warning(s), {infos} info(s) total."
+        )
+
+    if any(f.severity in ("error", "warning") for f in all_findings):
+        sys.exit(1)

pipeguard/output/autofix.py

@@ -0,0 +1,37 @@
+"""Generates auto-fix suggestions for findings (e.g. SHA-pinning patches)."""
+
+from __future__ import annotations
+
+from pathlib import Path
+from typing import TYPE_CHECKING
+
+if TYPE_CHECKING:
+    from pipeguard.scanner.base import Finding
+
+
+def generate_fixes(findings: list[Finding], workflow_path: str) -> str:
+    """Return a unified-diff-style patch for all fixable findings.
+
+    Currently supports: sha-pinning
+    """
+    original = Path(workflow_path).read_text()
+    patched = original
+
+    for f in findings:
+        if f.rule == "sha-pinning" and f.fix_suggestion:
+            # Placeholder: real implementation would resolve the SHA via GitHub API.
+            pass
+
+    if patched == original:
+        return ""
+
+    # Return as unified diff.
+    import difflib
+
+    diff = difflib.unified_diff(
+        original.splitlines(keepends=True),
+        patched.splitlines(keepends=True),
+        fromfile=f"a/{workflow_path}",
+        tofile=f"b/{workflow_path}",
+    )
+    return "".join(diff)

pipeguard/output/formatter.py

@@ -0,0 +1,133 @@
+"""Renders findings in terminal, JSON, and SARIF formats."""
+
+from __future__ import annotations
+
+import json
+from enum import StrEnum
+from typing import TYPE_CHECKING
+
+from rich import box
+from rich.console import Console
+from rich.table import Table
+
+if TYPE_CHECKING:
+    from pipeguard.scanner.base import Finding
+
+
+class OutputFormat(StrEnum):
+    TERMINAL = "terminal"
+    JSON = "json"
+    SARIF = "sarif"
+
+
+class Formatter:
+    def __init__(self, fmt: OutputFormat = OutputFormat.TERMINAL) -> None:
+        self.fmt = fmt
+        self._console = Console()
+
+    def render(self, findings: list[Finding], workflow_path: str) -> None:
+        match self.fmt:
+            case OutputFormat.TERMINAL:
+                self._render_terminal(findings, workflow_path)
+            case OutputFormat.JSON:
+                self._render_json(findings)
+            case OutputFormat.SARIF:
+                self._render_sarif(findings, workflow_path)
+
+    # ------------------------------------------------------------------
+    # Terminal
+    # ------------------------------------------------------------------
+
+    def _render_terminal(self, findings: list[Finding], workflow_path: str) -> None:
+        self._console.print(f"\n[bold]Scanning:[/bold] {workflow_path}")
+        if not findings:
+            self._console.print("[green]  ✓ No issues found[/green]")
+            return
+
+        table = Table(box=box.ROUNDED, show_lines=True, expand=False)
+        table.add_column("Severity", style="bold", width=9, no_wrap=True)
+        table.add_column("Rule", style="cyan", width=22, no_wrap=True)
+        table.add_column("Location", width=26, no_wrap=True)
+        table.add_column("Message", max_width=60)
+
+        for f in findings:
+            sev_style = {"error": "red", "warning": "yellow", "info": "blue"}.get(
+                f.severity, "white"
+            )
+            table.add_row(
+                f"[{sev_style}]{f.severity}[/{sev_style}]",
+                f.rule,
+                f"{f.file}:{f.line}",
+                f.message + (f"\n[dim]Fix: {f.fix_suggestion}[/dim]" if f.fix_suggestion else ""),
+            )
+
+        self._console.print(table)
+        self._console.print(
+            f"\n[bold]{'[red]' if any(f.severity == 'error' for f in findings) else '[yellow]'}"
+            f"{len(findings)} issue(s) found.[/bold]"
+        )
+
+    # ------------------------------------------------------------------
+    # JSON
+    # ------------------------------------------------------------------
+
+    def _render_json(self, findings: list[Finding]) -> None:
+        output = [
+            {
+                "rule": f.rule,
+                "severity": f.severity,
+                "message": f.message,
+                "file": f.file,
+                "line": f.line,
+                "col": f.col,
+                "fix_suggestion": f.fix_suggestion,
+            }
+            for f in findings
+        ]
+        print(json.dumps(output, indent=2))
+
+    # ------------------------------------------------------------------
+    # SARIF 2.1.0
+    # ------------------------------------------------------------------
+
+    def _render_sarif(self, findings: list[Finding], workflow_path: str) -> None:
+        results = []
+        rules: dict[str, dict[str, object]] = {}
+
+        for f in findings:
+            rules[f.rule] = {
+                "id": f.rule,
+                "shortDescription": {"text": f.rule},
+            }
+            results.append(
+                {
+                    "ruleId": f.rule,
+                    "level": "error" if f.severity == "error" else "warning",
+                    "message": {"text": f.message},
+                    "locations": [
+                        {
+                            "physicalLocation": {
+                                "artifactLocation": {"uri": f.file},
+                                "region": {"startLine": f.line, "startColumn": f.col},
+                            }
+                        }
+                    ],
+                }
+            )
+
+        sarif = {
+            "version": "2.1.0",
+            "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
+            "runs": [
+                {
+                    "tool": {
+                        "driver": {
+                            "name": "pipeguard",
+                            "rules": list(rules.values()),
+                        }
+                    },
+                    "results": results,
+                }
+            ],
+        }
+        print(json.dumps(sarif, indent=2))

pipeguard/scanner/__init__.py

@@ -0,0 +1,3 @@
+from pipeguard.scanner.base import BaseScanner, Finding
+
+__all__ = ["Finding", "BaseScanner"]

pipeguard/scanner/base.py

@@ -0,0 +1,24 @@
+"""Base types shared across all scanner modules and platforms."""
+
+from __future__ import annotations
+
+from abc import ABC, abstractmethod
+from dataclasses import dataclass
+
+
+@dataclass
+class Finding:
+    rule: str
+    message: str
+    file: str
+    line: int
+    col: int
+    severity: str = "error"  # "error" | "warning" | "info"
+    fix_suggestion: str | None = None
+
+
+class BaseScanner(ABC):
+    @abstractmethod
+    def check(self, workflow_path: str) -> list[Finding]:
+        """Run this scanner against a single workflow file."""
+        ...

pipeguard/scanner/github_actions/action_inventory.py

@@ -0,0 +1,59 @@
+"""Lists all third-party Actions used in a workflow as an inventory."""
+
+from __future__ import annotations
+
+import re
+from collections import defaultdict
+from pathlib import Path
+
+import yaml
+
+from pipeguard.scanner.base import Finding
+
+_USES_RE = re.compile(r"^(?P<action>[^@]+)@(?P<ref>.+)$")
+
+
+def check_action_inventory(workflow_path: str) -> list[Finding]:
+    """Return one info-level finding per unique third-party action used."""
+    text = Path(workflow_path).read_text()
+    data = yaml.safe_load(text)
+    lines = text.splitlines()
+
+    # action_slug -> list of (ref, line_no)
+    inventory: dict[str, list[tuple[str, int]]] = defaultdict(list)
+
+    jobs = data.get("jobs", {}) if isinstance(data, dict) else {}
+    for _job_id, job in jobs.items():
+        steps = job.get("steps", []) if isinstance(job, dict) else []
+        for step in steps:
+            uses = step.get("uses", "") if isinstance(step, dict) else ""
+            if not uses or uses.startswith("./"):
+                continue
+            m = _USES_RE.match(uses)
+            if not m:
+                continue
+            action, ref = m.group("action"), m.group("ref")
+            line_no = next(
+                (i + 1 for i, line in enumerate(lines) if uses in line), 0
+            )
+            inventory[action].append((ref, line_no))
+
+    findings: list[Finding] = []
+    for action, occurrences in sorted(inventory.items()):
+        refs = sorted({ref for ref, _ in occurrences})
+        first_line = occurrences[0][1]
+        findings.append(
+            Finding(
+                rule="action-inventory",
+                message=(
+                    f"Action '{action}' used with ref(s): "
+                    + ", ".join(f"'{r}'" for r in refs)
+                    + f" ({len(occurrences)} occurrence(s))."
+                ),
+                file=workflow_path,
+                line=first_line,
+                col=0,
+                severity="info",
+            )
+        )
+    return findings

pipeguard/scanner/github_actions/actionlint_runner.py

@@ -0,0 +1,43 @@
+"""Runs actionlint as a subprocess and wraps its output as PipeGuard findings."""
+
+from __future__ import annotations
+
+import json
+import subprocess
+
+from pipeguard.scanner.base import Finding
+
+
+def run_actionlint(workflow_path: str) -> list[Finding]:
+    """Run actionlint on *workflow_path* and return findings.
+
+    Returns an empty list if actionlint is not installed — fail loud via a
+    warning, but do not block other checks.
+    """
+    try:
+        result = subprocess.run(
+            ["actionlint", "-format", "{{json .}}", workflow_path],
+            capture_output=True,
+            text=True,
+        )
+    except FileNotFoundError:
+        print("[pipeguard] WARNING: actionlint not found. Install it for full analysis.")
+        return []
+
+    if not result.stdout.strip():
+        return []
+
+    raw: list[dict[str, int | str]] = json.loads(result.stdout)
+    findings: list[Finding] = []
+    for item in raw:
+        findings.append(
+            Finding(
+                rule=str(item.get("kind", "actionlint")),
+                message=str(item.get("message", "")),
+                file=str(item.get("filepath", workflow_path)),
+                line=int(item.get("line", 0)),
+                col=int(item.get("column", 0)),
+                severity="error",
+            )
+        )
+    return findings

pipeguard/scanner/github_actions/cve_check.py

@@ -0,0 +1,88 @@
+"""Checks used Actions against a local database of known critical CVEs."""
+
+from __future__ import annotations
+
+import json
+import re
+from pathlib import Path
+from typing import TypedDict
+
+import yaml
+
+from pipeguard.scanner.base import Finding
+
+_USES_RE = re.compile(r"^(?P<action>[^@]+)@(?P<ref>.+)$")
+_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
+
+_CVE_DB_PATH = Path(__file__).parent / "cve_db.json"
+
+
+class CveRecord(TypedDict):
+    action: str
+    cve_id: str
+    description: str
+    affected_refs: list[str]  # "all_tags" | specific tag/SHA
+    advisory_url: str
+
+
+def _load_cve_db() -> dict[str, list[CveRecord]]:
+    """Load CVE database from the bundled JSON file, keyed by action (lowercase)."""
+    records: list[CveRecord] = json.loads(_CVE_DB_PATH.read_text())
+    db: dict[str, list[CveRecord]] = {}
+    for record in records:
+        key = record["action"].lower()
+        db.setdefault(key, []).append(record)
+    return db
+
+
+def check_cve(workflow_path: str) -> list[Finding]:
+    """Return findings for actions that match known CVEs in the local database."""
+    cve_db = _load_cve_db()
+
+    text = Path(workflow_path).read_text()
+    data = yaml.safe_load(text)
+    lines = text.splitlines()
+
+    findings: list[Finding] = []
+    jobs = data.get("jobs", {}) if isinstance(data, dict) else {}
+    for _job_id, job in jobs.items():
+        steps = job.get("steps", []) if isinstance(job, dict) else []
+        for step in steps:
+            uses = step.get("uses", "") if isinstance(step, dict) else ""
+            if not uses or uses.startswith("./"):
+                continue
+            m = _USES_RE.match(uses)
+            if not m:
+                continue
+            action, ref = m.group("action"), m.group("ref")
+
+            for record in cve_db.get(action.lower(), []):
+                is_tag = not _SHA_RE.match(ref)
+                hit = ("all_tags" in record["affected_refs"] and is_tag) or (
+                    ref in record["affected_refs"]
+                )
+                if not hit:
+                    continue
+
+                line_no = next(
+                    (i + 1 for i, line in enumerate(lines) if uses in line), 0
+                )
+                cve_id = record["cve_id"]
+                findings.append(
+                    Finding(
+                        rule=f"cve-{cve_id.lower()}",
+                        message=(
+                            f"Action '{action}@{ref}' is affected by {cve_id}: "
+                            f"{record['description']}"
+                        ),
+                        file=workflow_path,
+                        line=line_no,
+                        col=0,
+                        severity="error",
+                        fix_suggestion=(
+                            f"Immediately pin '{action}' to a verified safe SHA. "
+                            f"See {record['advisory_url']}"
+                        ),
+                    )
+                )
+    return findings

pipeguard/scanner/github_actions/cve_db.json

@@ -0,0 +1,110 @@
+[
+  {
+    "action": "tj-actions/changed-files",
+    "cve_id": "CVE-2025-30066",
+    "description": "tj-actions/changed-files was compromised in a supply-chain attack. All tag-based refs are potentially affected \u2014 pin to a known-good SHA.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2025-30066"
+  },
+  {
+    "action": "reviewdog/action-setup",
+    "cve_id": "CVE-2025-30154",
+    "description": "reviewdog/action-setup was compromised in the same supply-chain campaign as tj-actions/changed-files. Pin to a vetted SHA.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2025-30154"
+  },
+  {
+    "action": "tj-actions/branch-names",
+    "cve_id": "CVE-2023-49291",
+    "description": "tj-actions/branch-names improperly references github.event.pull_request.head.ref and github.head_ref in a run step, allowing a specially crafted branch name to execute arbitrary code and steal secrets or abuse GITHUB_TOKEN permissions.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2023-49291"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2023-24538",
+    "description": "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2023-29453",
+    "description": "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g., \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template. Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2023-29453"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2024-1355",
+    "description": "A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console\u00a0docker container while setting a service URL. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program.\n",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2024-1355"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2024-39700",
+    "description": "JupyterLab extension template is a  `copier` template for JupyterLab extensions. Repositories created using this template with `test` option include `update-integration-tests.yml` workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to the latest version. Users who made changes to `update-integration-tests.yml`, accept overwriting of this file and re-apply your changes later. Users may wish to temporarily disable GitHub Actions while working on the upgrade. We recommend rebasing all open pull requests from untrusted users as actions may run using the version from the `main` branch at the time when the pull request was created. Users who are upgrading from template version prior to 4.3.0 may wish to leave out proposed changes to the release workflow for now as it requires additional configuration.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2024-39700"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2024-52009",
+    "description": "Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. Atlantis logs contains GitHub credentials (tokens `ghs_...`) when they are rotated. This enables an attacker able to read these logs to impersonate Atlantis application and to perform actions on GitHub. When Atlantis is used to administer a GitHub organization, this enables getting administration privileges on the organization. This was reported in #4060 and fixed in #4667 . The fix was included in Atlantis v0.30.0. All users are advised to upgrade. There are no known workarounds for this vulnerability.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2024-52009"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2025-58371",
+    "description": "Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions 3.26.6 and below, a Github workflow used unsanitized pull request metadata in a privileged context, allowing an attacker to craft malicious input and achieve Remote Code Execution (RCE) on the Actions runner. The workflow runs with broad permissions and access to repository secrets. It is possible for an attacker to execute arbitrary commands on the runner, push or modify code in the repository, access secrets, and create malicious releases or packages, resulting in a complete compromise of the repository and its associated services. This is fixed in version 3.26.7.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2025-58371"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2025-11892",
+    "description": "An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege escalation and unauthorized workflow triggers. Successful exploitation requires an attacker to have access to the target GitHub Enterprise Server instance and to entice a user, while operating in sudo mode, to click on a crafted malicious link to perform actions that require elevated privileges.\u00a0This vulnerability affected all versions of GitHub Enterprise Server prior to\u00a03.18.1, 3.17.7, 3.16.10, 3.15.14, 3.14.19.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2025-11892"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2025-67727",
+    "description": "Parse Server is an open source backend that can be deployed to any infrastructure that runs Node.js. In versions prior to 8.6.0-alpha.2, a GitHub CI workflow is triggered in a way that grants the GitHub Actions workflow elevated permissions, giving it access to GitHub secrets and write permissions which are defined in the workflow. Code from a fork or lifecycle scripts is potentially included. Only the repository's CI/CD infrastructure is affected, including any public GitHub forks with GitHub Actions enabled. This issue is fixed version 8.6.0-alpha.2 and commits 6b9f896 and e3d27fe.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2025-67727"
+  },
+  {
+    "action": "PENDING_REVIEW",
+    "cve_id": "CVE-2026-0573",
+    "description": "An URL redirection vulnerability was identified in GitHub Enterprise Server that allowed attacker-controlled redirects to leak sensitive authorization tokens. The repository_pages API insecurely followed HTTP redirects when fetching artifact URLs, preserving the authorization header containing a privileged JWT. An authenticated user could redirect these requests to an attacker-controlled domain, exfiltrate the Actions.ManageOrgs JWT, and leverage it for potential remote code execution. Attackers would require access to the target GitHub Enterprise Server instance and the ability to exploit a legacy redirect to an attacker-controlled domain. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.19 and was fixed in versions 3.19.2, 3.18.4, 3.17.10, 3.16.13, 3.15.17, and 3.14.22. This vulnerability was reported via the GitHub Bug Bounty program.",
+    "affected_refs": [
+      "all_tags"
+    ],
+    "advisory_url": "https://www.cve.org/CVERecord?id=CVE-2026-0573"
+  }
+]