CVE-2025-54430 | dedupeio dedupe benchmark-bot.yml issue_comment os command injection

Inserito da Angelo Barbosa | Lug 30, 2025 | CVE

A vulnerability was found in dedupeio dedupe. It has been declared as critical. Affected by this vulnerability is the function issue_comment of the file github/workflows/benchmark-bot.yml. The manipulation leads to os command injection.

This vulnerability is known as CVE-2025-54430. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-54430 | dedupeio dedupe benchmark-bot.yml issue_comment os command injection

Post correlati

CVE-2025-7490 | PHPGurukul Vehicle Parking Management System 1.13 /admin/reg-users.php del sql injection

CVE-2024-26816 | Linux Kernel up to 6.8.1 relocs /sys/kernel/notes information disclosure

CVE-2024-28222 | Veritas NetBackup/NetBackup Appliance BPCD Process input validation

CVE-2024-1845 | VikRentCar Car Rental Management System Plugin up to 1.3.1 on WordPress cross-site request forgery