CVE-2026-31900
Published: 11 March 2026
Summary
CVE-2026-31900 is a critical-severity Improper Input Validation (CWE-20) vulnerability in Python Black. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Compromise Software Supply Chain (T1195.002); ranked at the 22.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Flaw remediation (SI-2): updating the Black GitHub Action to version 26.3.0 or later removes the defect that let a pull request's edit to pyproject.toml turn into arbitrary code execution on the runner.
Configuration settings (CM-6): leaving use_pyproject unset in the workflow, or pinning an approved Black version in the workflow itself, means a pull request can no longer choose which Black source the action installs.
Verifying the integrity and authenticity of the Black package before the action runs it blocks code fetched from a tampered direct URL reference in pyproject.toml.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a supply-chain compromise of the CI pipeline: a pull request that edits pyproject.toml to point the Black requirement at a malicious repository makes the GitHub Actions job install and run attacker-controlled code (poisoned pipeline execution).
NVD Description
Black is the uncompromising Python code formatter. Black provides a GitHub action for formatting code. This action supports an option, use_pyproject: true, for reading the version of Black to use from the repository pyproject.toml. A malicious pull request could edit pyproject.toml to use a direct URL reference to a malicious repository. This could lead to arbitrary code execution in the context of the GitHub Action. Attackers could then gain access to secrets or permissions available in the context of the action. Version 26.3.0 fixes this vulnerability.
Deeper analysis
CVE-2026-31900 is a critical-severity vulnerability (CVSS 9.8) in the GitHub Action that ships with Black, the Python code formatter. The issue arises when the action is configured with the `use_pyproject: true` input, which makes it read the Black version to install from the repository's `pyproject.toml`. Because that file is part of the pull request being checked, an attacker can submit a pull request that rewrites the Black requirement as a direct URL reference to a repository they control; the action then installs and executes that code inside the workflow run.
The vulnerability can be exploited by anyone able to open a pull request against a repository whose workflow runs the affected action with `use_pyproject: true`. No privileges on the target repository, no user interaction and no special setup are required, which the CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8) reflects. Successful exploitation gives the attacker code execution on the workflow's runner and, with it, whatever that job can reach: the GITHUB_TOKEN, repository or organization secrets, and deployment credentials. How much that is depends on the trigger. A workflow run by `pull_request` for a fork's pull request receives a read-only GITHUB_TOKEN and no repository secrets; the full impact described here applies when the job runs under `pull_request_target`, or when fork pull requests have been granted elevated permissions.
The Black project addressed this in version 26.3.0, as detailed in the security advisory (GHSA-v53h-f6m7-xcgm) and the corresponding commit (0a2560b981364dde4c8cf8ce9d164c40669a8611). Update the action to 26.3.0 or later; where the workflow does not need it, leave `use_pyproject` unset and pin the Black version in the workflow instead; and review pull-request-triggered workflows for any other place where a dependency is resolved from input the pull request controls.
Details
- CWE(s)