All 6 CVE vulnerabilities found in Toolkit, with AI-generated Chinese analysis, references, and POCs.
Vendor: actions
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9267 | Seagate Toolkit 安全漏洞 CWE-427 | 7.8 | - | 2025-09-26 |
| CVE-2025-9043 | Seagate Toolkit 安全漏洞 CWE-428 | 6.7AI | MediumAI | 2025-08-14 |
| CVE-2025-5890 | actions toolkit glob internal-pattern.ts globEscape redos CWE-1333 | 4.3 | Medium | 2025-06-09 |
| CVE-2024-42471 | Arbitrary File Write via artifact extraction in actions/artifact CWE-22 | 7.3 | High | 2024-09-02 |
| CVE-2022-35954 | Delimiter injection vulnerability in @actions/core exportVariable CWE-77 | 5.0 | Medium | 2022-08-13 |
| CVE-2020-15228 | Environment Variable Injection in GitHub Actions CWE-20 | 3.5 | Low | 2020-10-01 |
All 6 known CVE vulnerabilities affecting Toolkit with full Chinese analysis, references, and POCs where available.