CVE-2025-54416
Published: 26 July 2025
Summary
CVE-2025-54416 is a critical-severity Command Injection (CWE-77) vulnerability. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked at the 39.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Requires timely remediation of flaws, such as updating to version 9.0.0, which fixes the command injection vulnerability in tj-actions/branch-names.
- SI-10 (Information Input Validation): Mandates input validation mechanisms to sanitize malicious branch names or tags, directly addressing the inconsistent sanitization exploited in this CVE.
- SI-15 (Information Output Filtering): Enforces output filtering so that the action's outputs are escaped before they reach consuming workflows, preventing unescaped values from enabling arbitrary command execution in downstream GitHub workflows.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Command injection (CWE-77) in the GitHub Action directly enables arbitrary command execution in consuming workflows via malicious branch/tag inputs.
NVD Description
tj-actions/branch-names is a Github actions repository that contains workflows to retrieve branch or tag names with support for all events. In versions 8.2.1 and below, a critical vulnerability has been identified in the tj-actions/branch-names' GitHub Action workflow which allows arbitrary command execution in downstream workflows. This issue arises due to inconsistent input sanitization and unescaped output, enabling malicious actors to exploit specially crafted branch names or tags. While internal sanitization mechanisms have been implemented, the action outputs remain vulnerable, exposing consuming workflows to significant security risks. This is fixed in version 9.0.0.
Deeper analysis
CVE-2025-54416 is a critical command injection vulnerability (CWE-77) in the tj-actions/branch-names GitHub Action, affecting versions 8.2.1 and below. This action provides workflows to retrieve branch or tag names across GitHub events, but suffers from inconsistent input sanitization and unescaped output. Malicious branch names or tags can exploit this, enabling arbitrary command execution in downstream workflows that consume the action's outputs, despite some internal sanitization measures. The issue carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L).
Attackers require low privileges (PR:L), such as write access to a repository, to create specially crafted branch names or tags over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation allows arbitrary command execution within consuming GitHub Actions workflows. The scope change (S:C) reflects that the vulnerable component is the action itself while the impacted component is the workflow that consumes its outputs. Impact is rated high for confidentiality and low for integrity and availability: an injected command can read the secrets and tokens available to the job and exfiltrate data, and can also manipulate subsequent workflow steps.
Mitigation is available in version 9.0.0 of tj-actions/branch-names, which addresses the sanitization and output escaping flaws. Security practitioners should immediately update affected workflows to this version or later. Details are provided in the GitHub security advisory GHSA-gq52-6phf-x2r6, the v9.0.0 release notes, and the fixing commit e497ceb8ccd43fd9573cf2e375216625bc411d1f.
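The following is an added example, not code from tj-actions/branch-names, the advisory, or any consuming project. It reproduces the injection class locally: the runner expands `${{ steps.<id>.outputs.<name> }}` by plain text substitution into a `run:` script before the shell ever parses it, so an unescaped output carrying a crafted ref name becomes shell syntax. It shows the vulnerable interpolation pattern, the environment-variable pattern that passes the same value as data, and an allow-list check a consuming workflow might apply as defense in depth. The ref name, the `{{REF}}` template token, and the `ref_is_safe` allow-list are constructed for the demonstration and are assumptions, not the action's own sanitization logic.

```shell
#!/bin/sh
# Added example (not tj-actions code). Models how an unescaped action output
# interpolated with ${{ }} into a `run:` step becomes shell injection, and the
# env-var pattern that avoids it. All inputs below are constructed.

# Git permits '$', ';', '"', '(' and ')' in ref names, so this is a branch
# name an attacker with push access can actually create (constructed).
MALICIOUS_REF='feature";echo INJECTED;echo "'

# Textual substitution of token $2 with value $3 in template $1.
# This is the same thing the runner does for ${{ }} expressions: the value is
# pasted into the script source, not passed as a shell argument.
interpolate() {
    tmpl=$1; tok=$2; val=$3
    printf '%s' "${tmpl%%"$tok"*}$val${tmpl#*"$tok"}"
}

# Vulnerable pattern, equivalent to:
#   run: echo "Branch: ${{ steps.branch.outputs.current_branch }}"
# The attacker's ref closes the quote and appends commands.
run_vulnerable() {
    script=$(interpolate 'echo "Branch: {{REF}}"' '{{REF}}' "$1")
    sh -c "$script"
}

# Hardened pattern, equivalent to:
#   env:
#     BRANCH: ${{ steps.branch.outputs.current_branch }}
#   run: echo "Branch: $BRANCH"
# The value reaches the shell as an environment variable, never as source.
run_hardened() {
    BRANCH=$1 sh -c 'echo "Branch: $BRANCH"'
}

# Defense in depth in the consuming workflow: accept only characters the
# project's branch policy needs. Assumed allow-list for this example; it is
# not what the action's own sanitizer does. Returns 0 for safe, 1 otherwise.
ref_is_safe() {
    case $1 in
        ''|*[!A-Za-z0-9._/-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Capture outputs as single strings (newlines -> '|') so they can be checked.
vulnerable_output() { run_vulnerable "$1" 2>/dev/null | tr '\n' '|'; }
hardened_output()   { run_hardened "$1" | tr '\n' '|'; }

if [ "${1:-}" = "demo" ]; then
    echo "vulnerable: $(vulnerable_output "$MALICIOUS_REF")"
    echo "hardened:   $(hardened_output "$MALICIOUS_REF")"
fi
```

Invoked as `sh example.sh demo`, the vulnerable form prints `INJECTED` on its own line because the rendered script is `echo "Branch: feature";echo INJECTED;echo ""`, while the hardened form prints the ref name verbatim. Because the substitution happens before shell parsing, no quoting inside the `run:` script can prevent the injection; the value must either be kept out of the script source (the `env:` pattern) or be escaped by the producer, which is what the 9.0.0 fix addresses in the action's outputs.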
Details
- CWE(s)