CVE-2026-34243
Published: 31 March 2026
Summary
CVE-2026-34243 is a critical-severity Command Injection (CWE-77) vulnerability in Njzjz Wenxian. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Poisoned Pipeline Execution (T1677); ranked in the top 20.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-34243 is a command injection vulnerability (CWE-77, CWE-78) in the wenxian tool, which generates BIBTEX files from identifiers such as DOI, PMID, arXiv ID, or paper title. It affects versions 0.3.1 and prior, specifically within a GitHub Actions workflow that incorporates untrusted user input from issue_comment.body directly into a shell command. This flaw enables potential arbitrary code execution on the GitHub Actions runner, earning a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Any unauthenticated attacker with network access can exploit this vulnerability by posting a specially crafted comment on a GitHub issue in the repository; no privileges or user interaction are required, and the attack complexity is low. Successful exploitation grants arbitrary code execution on the runner environment, potentially compromising the confidentiality, integrity, and availability of the runner's resources.
The GitHub security advisory (GHSA-r4fj-r33x-8v88) notes that, at the time of publication on 2026-03-31, no publicly available patches exist for this issue.
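The pattern described above (an untrusted event field expanded directly inside a `run:` step) can be checked for mechanically. The scanner below is an added example, not code from the wenxian project or the advisory; it flags `${{ ... }}` expressions that reference commenter-controlled contexts inside `run:` scripts, while leaving the hardened form (the value passed through `env:` and read by the shell as data) unflagged. The two sample workflows are constructed, and `generate-bib.sh` is a hypothetical stand-in for the real command.

```python
import re

# Event contexts a commenter or issue author controls (the page's issue_comment.body among them).
UNTRUSTED = ("github.event.comment.body", "github.event.issue.title", "github.event.issue.body")
EXPR = re.compile(r"\$\{\{\s*([^}]*?)\s*\}\}")      # ${{ ... }} expression
RUN_KEY = re.compile(r"^(\s*)(-\s+)?run:\s*(.*)$")    # a step's run: key

def _check(line_no, text):
    return [(line_no, e) for e in EXPR.findall(text) if e.startswith(UNTRUSTED)]

def find_expression_injection(workflow_text):
    """Return (line_no, expression) for untrusted contexts expanded inside run: scripts,
    where Actions substitutes them into the script text before the shell runs it."""
    findings, block_indent = [], None
    for line_no, line in enumerate(workflow_text.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        if block_indent is not None:                  # inside a "run: |" block
            if not line.strip() or indent > block_indent:
                findings.extend(_check(line_no, line))
                continue
            block_indent = None                       # dedent ends the block
        m = RUN_KEY.match(line)
        if m:
            key_indent = len(m.group(1)) + len(m.group(2) or "")
            value = m.group(3).strip()
            if value in ("|", "|-", ">", ">-"):
                block_indent = key_indent             # script follows on deeper lines
            else:
                findings.extend(_check(line_no, value))   # inline run: command
    return findings

# Constructed samples; generate-bib.sh is hypothetical. Under env: the value reaches the shell as data.
VULNERABLE = """\
on: issue_comment
jobs:
  cite:
    steps:
      - run: |
          ./generate-bib.sh "${{ github.event.comment.body }}"
"""
HARDENED = """\
on: issue_comment
jobs:
  cite:
    steps:
      - env:
          COMMENT: ${{ github.event.comment.body }}
        run: ./generate-bib.sh "$COMMENT"
"""
```

Run against a checkout's `.github/workflows/*.yml`, each finding points at the line where an untrusted value is spliced into a script, which is the input-handling change SI-10 asks for.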
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-17522
Vulnerability details
wenxian is a tool to generate BIBTEX files from given identifiers (DOI, PMID, arXiv ID, or paper title). In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issue_comment.body directly inside a shell command, allowing potential command injection and arbitrary code execution on the runner. At time of publication, there are no publicly available patches.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Command injection in GitHub Actions workflow via unauthenticated issue comments enables poisoned pipeline execution (T1677), exploitation of public-facing application (T1190), and Unix shell command execution (T1059.004).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly requires validation and sanitization of untrusted user inputs from issue_comment.body before use in shell commands to prevent command injection.
- SI-2 (Flaw Remediation): Mandates identification, reporting, and correction of flaws such as this command injection vulnerability in the GitHub Actions workflow.
- Ensures secure configuration settings for GitHub Actions workflows, including input handling practices that mitigate direct shell command injection.