CVE-2026-34041 | nektos act prior 0.2.86 set-env/add-path injection

Inserito da Angelo Barbosa | Mar 28, 2026 | CVE

A vulnerability, which was classified as critical, was found in nektos act. This affects the function set-env/add-path. Executing a manipulation can lead to injection.

This vulnerability is handled as CVE-2026-34041. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-34041 | nektos act prior 0.2.86 set-env/add-path injection

Post correlati

CVE-2021-46933 | Linux Kernel up to 5.15.12 USB Descriptor lib/refcount.c ffs_data_clear use after free

CVE-2025-23589 | ContentOptin Lite Plugin up to 1.1 on WordPress cross site scripting

CVE-2024-8470 | PHPGurukul Job Portal 1.0 controller.php CATEGORY sql injection

CVE-2024-12421 | Coupon Affiliates Plugin up to 5.16.7.1 on WordPress Shortcode cross site scripting