A vulnerability was found in dedupeio dedupe. It has been declared as critical. Affected by this vulnerability is the function issue_comment of the file github/workflows/benchmark-bot.yml. The manipulation leads to os command injection.

This vulnerability is known as CVE-2025-54430. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.