Cyber Resilience

CVE-2025-54416

Critical RCE

Published: 26 July 2025
Modified: 15 April 2026
KEV Added: not listed
Patch: available (version 9.0.0)
CVSS Score (v3.1): 9.1, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
EPSS Score: 0.0056 (68.7th percentile)
Risk Priority: 19 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-54416 is a critical-severity Command Injection (CWE-77) vulnerability. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). The CVE ranks in the top 31.3% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Deeper analysis

CVE-2025-54416 is a critical command injection vulnerability (CWE-77) in the tj-actions/branch-names GitHub Action, affecting versions 8.2.1 and below. This action provides workflows to retrieve branch or tag names across GitHub events, but suffers from inconsistent input sanitization and unescaped output. Malicious branch names or tags can exploit this, enabling arbitrary command execution in downstream workflows that consume the action's outputs, despite some internal sanitization measures. The issue carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L).

Attackers require low privileges (PR:L), such as write access to a repository, to create specially crafted branch names or tags over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation allows arbitrary command execution within consuming GitHub Actions workflows. Because the injected commands run in the consuming workflow rather than in the action itself, the impact crosses a security boundary (S:C): confidentiality impact is high, integrity and availability impact are low, and the likely outcomes are compromise of workflow secrets, data exfiltration, or further manipulation of the workflow.

Mitigation is available in version 9.0.0 of tj-actions/branch-names, which addresses the sanitization and output escaping flaws. Security practitioners should immediately update affected workflows to this version or later. Details are provided in the GitHub security advisory GHSA-gq52-6phf-x2r6, the v9.0.0 release notes, and the fixing commit e497ceb8ccd43fd9573cf2e375216625bc411d1f.

EU & UK References

Vulnerability details

tj-actions/branch-names is a GitHub Actions repository that contains workflows to retrieve branch or tag names with support for all events. In versions 8.2.1 and below, a critical vulnerability has been identified in the tj-actions/branch-names GitHub Action workflow which allows arbitrary command execution in downstream workflows. This issue arises due to inconsistent input sanitization and unescaped output, enabling malicious actors to exploit specially crafted branch names or tags. While internal sanitization mechanisms have been implemented, the action outputs remain vulnerable, exposing consuming workflows to significant security risks. This is fixed in version 9.0.0.
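As an added illustration (not part of this advisory or of the tj-actions project), the check below scans a workflow file for the pattern that both the deeper analysis and the vulnerability details describe: an attacker-influenced branch or tag name expanded by `${{ }}` directly inside a `run:` script, where the runner splices it into the command text before the shell parses it, as opposed to the hardened form that passes the value through `env:` so the shell only ever sees it as a variable. The step id `branch`, the output name `current_branch` and the sample workflow are constructed assumptions; the check also flags the `github.head_ref` and `github.ref_name` contexts, which carry the same class of untrusted branch name, so it applies as defense in depth whatever version of the action a workflow pins.

```python
import re

# Expressions whose value is an attacker-influenced branch or tag name: outputs of a
# branch-name step (assumed id `branch`, output `current_branch`) and GitHub contexts
# that carry the head branch of a push or pull request.
UNTRUSTED = re.compile(
    r"\$\{\{\s*(?:steps\.[\w-]+\.outputs\.[\w-]+"
    r"|github\.(?:head_ref|ref_name)"
    r"|github\.event\.pull_request\.head\.ref)\s*\}\}"
)
# A `run:` key with or without a list dash; len(group 1) is the indent a continuation must exceed.
RUN_KEY = re.compile(r"^(\s*(?:-\s+)?)run:\s*(.*)$")

# Constructed sample workflow: two unsafe steps followed by the hardened form.
SAMPLE_WORKFLOW = """\
on: [push, pull_request]
jobs:
  build:
    steps:
      - id: branch
        uses: tj-actions/branch-names@v9.0.0
      # unsafe: the name is spliced into the script text before the shell runs
      - run: echo "Building ${{ steps.branch.outputs.current_branch }}"
      - run: |
          git fetch origin ${{ github.head_ref }}
          ./build.sh
      # safe: the shell sees the value only as an environment variable
      - run: echo "Building $BRANCH"
        env:
          BRANCH: ${{ steps.branch.outputs.current_branch }}
"""

def find_unsafe_interpolations(workflow_text):
    """Return [(line_no, expression)] for untrusted expressions expanded inside a
    `run:` script; values passed via `env:` are not flagged."""
    findings = []
    in_run, run_indent = False, 0
    for n, line in enumerate(workflow_text.splitlines(), 1):
        if not line.strip():
            continue                      # blank lines do not end a block scalar
        m = RUN_KEY.match(line)
        indent = len(line) - len(line.lstrip())
        if m:
            in_run, run_indent, body = True, len(m.group(1)), m.group(2)
        elif in_run and indent > run_indent:
            body = line                   # continuation line of a `run: |` block
        else:
            in_run = False                # next key at or above the run: level
            continue
        findings.extend((n, e.group(0)) for e in UNTRUSTED.finditer(body))
    return findings
```

Each finding names the line and the expression to move from the `run:` script into an `env:` entry, which is the same remediation GitHub's own hardening guidance gives for script injection.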

CWE(s)

CWE-77 Command Injection

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1059 Command and Scripting Interpreter (tactic: Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Why these techniques?

Command injection (CWE-77) in the GitHub Action directly enables arbitrary command execution in consuming workflows via malicious branch/tag inputs.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-66219 (shared CWE-77)
CVE-2024-8402 (shared CWE-77)
CVE-2025-67397 (shared CWE-77)
CVE-2025-57199 (shared CWE-77)
CVE-2024-55030 (shared CWE-77)
CVE-2025-24818 (shared CWE-77)
CVE-2025-9223 (shared CWE-77)
CVE-2026-8431 (shared CWE-77)
CVE-2026-44869 (shared CWE-77)
CVE-2025-70093 (shared CWE-77)

Affected Assets

In: tj-actions/branch-names, versions 8.2.1 and below (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

SI-2 Flaw Remediation (prevent): Requires timely remediation of flaws, such as updating to version 9.0.0, which fixes the command injection vulnerability in tj-actions/branch-names.

SI-10 Information Input Validation (prevent): Mandates input validation mechanisms to sanitize malicious branch names or tags, directly addressing the inconsistent sanitization exploited in this CVE.

SI-15 Information Output Filtering (prevent): Enforces output filtering to prevent unescaped action outputs from enabling arbitrary command execution in downstream GitHub workflows.

References