CVE-2026-34041
Published: 31 March 2026
Summary
CVE-2026-34041 is a critical-severity Injection (CWE-74) vulnerability in Nektos Act. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 6.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Timely flaw remediation by upgrading act to version 0.2.86 or later patches the unconditional processing of deprecated ::set-env:: and ::add-path:: commands.
Validating untrusted stdout from workflow steps prevents injection of environment-altering commands like ::set-env:: and ::add-path::.
Tainting untrusted outputs from workflow steps blocks their propagation to subsequent steps for setting arbitrary environment variables or modifying PATH.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability in act enables environment variable and PATH injection from untrusted workflow outputs, directly facilitating client-side code execution (T1203, T1059) and PATH interception for hijacking (T1574.007).
NVD Description
act is a project which allows for local running of github actions. Prior to version 0.2.86, act unconditionally processes the deprecated ::set-env:: and ::add-path:: workflow commands, which was disabled due to environment injection risks. When a workflow step echoes untrusted data to stdout, an attacker can inject these commands to set arbitrary environment variables or modify the PATH for all subsequent steps in the job. This issue has been patched in version 0.2.86.
Deeper analysis
CVE-2026-34041 is a critical-severity vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the 'act' project, a tool for running GitHub Actions workflows locally. In versions prior to 0.2.86, act unconditionally processes the deprecated ::set-env:: and ::add-path:: workflow commands, even though GitHub Actions itself disabled them because of environment injection risks (CWE-74). The flaw is reachable whenever a workflow step echoes untrusted data to stdout, since that output is where these commands are injected.
An attacker who can influence the input to a workflow step—such as through malicious repository content or untrusted actions—can exploit this remotely with low complexity and no privileges. Successful exploitation allows setting arbitrary environment variables or modifying the PATH for all subsequent steps in the job, potentially leading to command execution, data exfiltration, or full compromise of the local environment where act is running.
The issue was addressed in act version 0.2.86, as detailed in the project's security advisory (GHSA-xmgr-9pqc-h5vw), release notes, and patching commit. Security practitioners should upgrade to v0.2.86 or later and audit workflows for untrusted stdout outputs when using act locally.
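As an added illustration of the SI-10 input-validation control named above (example code, not code from the act project), the following Go validator scans a step's stdout for the deprecated ::set-env:: and ::add-path:: commands, reports each one, and strips it so it can never alter the environment of later steps. It assumes GitHub's documented workflow-command line syntax (::name key=value::value); the sample stdout is constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// cmdRe matches GitHub's workflow-command line syntax: ::name key=val,...::value
var cmdRe = regexp.MustCompile(`^::([a-zA-Z-]+)(?: (.*?))?::(.*)$`)

// Finding records one deprecated command observed in a step's stdout.
type Finding struct {
	Line    int
	Command string
	Name    string // env var name for set-env; empty for add-path
	Value   string
}

// deprecated lists the commands GitHub disabled because of injection risk.
var deprecated = map[string]bool{"set-env": true, "add-path": true}

// ScanStepOutput validates a step's stdout and returns the deprecated commands
// found plus the sanitised lines with those commands removed, so that nothing
// in untrusted output can set variables or extend PATH for subsequent steps.
func ScanStepOutput(stdout string) (findings []Finding, clean []string) {
	for i, line := range strings.Split(stdout, "\n") {
		m := cmdRe.FindStringSubmatch(strings.TrimRight(line, "\r"))
		if m == nil || !deprecated[m[1]] {
			clean = append(clean, line) // ordinary text or a still-supported command
			continue
		}
		f := Finding{Line: i + 1, Command: m[1], Value: m[3]}
		for _, kv := range strings.Split(m[2], ",") { // parse "name=FOO" parameters
			if k, v, ok := strings.Cut(kv, "="); ok && k == "name" {
				f.Name = v
			}
		}
		findings = append(findings, f)
	}
	return findings, clean
}

func main() {
	// Constructed stdout: normal output, a supported ::warning:: command, then
	// two deprecated commands that would have been applied to later steps.
	out := "build ok\n::warning::minor issue\n::set-env name=FOO::bar\n::add-path::/opt/untrusted/bin"
	findings, clean := ScanStepOutput(out)
	for _, f := range findings {
		fmt.Printf("line %d: blocked ::%s:: (name=%q value=%q)\n", f.Line, f.Command, f.Name, f.Value)
	}
	fmt.Println(strings.Join(clean, "\n"))
}
```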
Details
- CWE(s)