CVE-2025-54416 | tj-actions branch-names up to 8.x command injection (GHSA-gq52-6phf-x2r6)

Inserito da Angelo Barbosa | Lug 26, 2025 | CVE

A vulnerability, which was classified as critical, was found in tj-actions branch-names up to 8.x. Affected is an unknown function. The manipulation leads to command injection.

This vulnerability is traded as CVE-2025-54416. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-54416 | tj-actions branch-names up to 8.x command injection (GHSA-gq52-6phf-x2r6)

Post correlati

CVE-2024-24746 | Apache NimBLE up to 1.6.0 Bluetooth Stack denial of service

CVE-2024-0498 | Project Worlds Lawyer Management System 1.0 searchLawyer.php experience sql injection

CVE-2024-0585 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.4 on WordPress Filterable Gallery Widget cross site scripting (ID 3022852)

CVE-2024-48456 | Netis Wifi Router MW5360 Admin Password Page information disclosure