CVE-2025-53546
Published: 09 July 2025
Summary
CVE-2025-53546 is a critical-severity Inclusion of Functionality from Untrusted Control Sphere (CWE-829) vulnerability. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Supply Chain Compromise (T1195); ranked in the top 45.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-6 (Configuration Settings).
Deeper analysis
CVE-2025-53546 is a high-severity vulnerability (CVSS 3.1 score of 9.1) affecting Folo, an open-source tool that organizes feeds content into one timeline. The issue stems from the misuse of the pull_request_target event trigger in the .github/workflows/auto-fix-lint-format-commit.yml GitHub Actions workflow file (CWE-829). This configuration allows untrusted code from pull requests to execute with full access to secrets from the base repository.
Any unauthenticated attacker with network access can exploit this vulnerability with low complexity and no user interaction required. By submitting a malicious pull request, the attacker triggers the workflow to run untrusted code, enabling exfiltration of the GITHUB_TOKEN, which possesses high privileges including content write access. This allows the attacker to completely overtake the repository.
The vulnerability has been fixed in commit 585c6a591440cd39f92374230ac5d65d7dd23d6a, as detailed in the GitHub security advisory GHSA-h87r-5w74-qfm4. Security practitioners should update to this commit or later to mitigate the issue and review workflows using pull_request_target for similar misconfigurations.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-20825
Vulnerability details
Folo organizes feeds content into one timeline. Using pull_request_target on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by attackers, since untrusted code can be executed having full access to secrets (from the base repo). By exploiting the vulnerability is possible to exfiltrate GITHUB_TOKEN…
more
which has high privileges. GITHUB_TOKEN can be used to completely overtake the repo since the token has content write privileges. This vulnerability is fixed in commit 585c6a591440cd39f92374230ac5d65d7dd23d6a.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability directly enables supply chain compromise via malicious PR executing untrusted code in privileged CI workflow, leading to exfiltration of GITHUB_TOKEN credentials.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Remediating the flaw by updating to commit 585c6a591440cd39f92374230ac5d65d7dd23d6a directly eliminates the vulnerable pull_request_target workflow configuration.
Enforcing secure configuration settings for GitHub Actions workflows prevents misuse of pull_request_target that allows untrusted PR code to access base repository secrets.
Applying least privilege to GITHUB_TOKEN permissions restricts attackers from repository takeover even if the token is exfiltrated via the vulnerable workflow.