Cyber Resilience

CVE-2026-34243

Critical · Public PoC · RCE

Published: 31 March 2026
Modified: 03 April 2026
KEV Added: not listed
Patch: none publicly available at time of publication
CVSS v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.0217 (80.0th percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-34243 is a critical-severity command injection (CWE-77) vulnerability in wenxian, by njzjz. Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Poisoned Pipeline Execution (T1677). The CVE ranks in the top 20.0% of CVEs by exploit likelihood (EPSS 0.0217, 80.0th percentile), is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-34243 is a command injection vulnerability (CWE-77, CWE-78) in wenxian, a tool that generates BibTeX files from identifiers such as a DOI, PMID, arXiv ID, or paper title. Versions 0.3.1 and earlier ship a GitHub Actions workflow that interpolates the untrusted issue_comment.body field directly into a shell command. Because the runner substitutes ${{ }} expressions into the step script before the shell parses it, a comment body containing shell metacharacters becomes part of the command line, giving arbitrary code execution on the GitHub Actions runner. The CVSS v3.1 base score is 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Any attacker able to post a comment on an issue in the repository can trigger the workflow with a crafted comment. No privileges on the repository are needed (hence PR:N in the vector), no maintainer action is required, and constructing the payload is low-complexity. Successful exploitation runs arbitrary commands on the runner, compromising the confidentiality, integrity, and availability of everything the runner can reach, including any secrets or tokens exposed to the job.
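As an added illustration of the pattern described here and again under Vulnerability details below (example code written for this page, not wenxian's own workflow or code): a small Python scanner that flags run: steps interpolating attacker-controlled event fields, exercised against a constructed workflow shaped like the vulnerable one and against a hardened variant that passes the comment through an environment variable. The workflow texts, step names, output file and the UNTRUSTED_CONTEXTS list are assumptions made for illustration; the hardened form follows GitHub's documented guidance of referencing event data via env rather than inline expressions.

```python
"""Flag GitHub Actions run steps that interpolate attacker-controlled event
fields with ${{ }} expressions, the pattern behind CVE-2026-34243.

Added example for this page, not code from the wenxian project. Both workflow
texts are constructed for illustration and are not wenxian's real workflow."""
import re

# Event fields any GitHub user can influence. Assumed list of the common
# injection sources; extend it for the triggers your workflows use.
UNTRUSTED_CONTEXTS = [
    r"github\.event\.comment\.body",
    r"github\.event\.issue\.(title|body)",
    r"github\.event\.pull_request\.(title|body|head\.ref|head\.label)",
    r"github\.event\.review\.body",
    r"github\.event\.discussion\.(title|body)",
    r"github\.event\.head_commit\.(message|author\.(name|email))",
    r"github\.head_ref",
]
EXPR_RE = re.compile(r"\$\{\{\s*(.*?)\s*\}\}", re.S)
UNTRUSTED_RE = re.compile("|".join(UNTRUSTED_CONTEXTS))


def run_steps(workflow_text):
    """Yield (line_no, script) for every run: key, joining |/> block scalars.

    A line scanner rather than a YAML parser so the example needs no
    third-party package; it covers the usual step layouts."""
    lines = workflow_text.splitlines()
    i = 0
    while i < len(lines):
        m = re.match(r"^(\s*)(-\s+)?run:\s*(.*)$", lines[i])
        if not m:
            i += 1
            continue
        key_col = len(m.group(1)) + len(m.group(2) or "")
        line_no, value = i + 1, m.group(3).strip()
        if value in ("|", ">", "|-", ">-", "|+", ">+"):
            body = []
            i += 1
            # Block scalar continues while lines are indented past the key.
            while i < len(lines) and (
                not lines[i].strip()
                or len(lines[i]) - len(lines[i].lstrip()) > key_col
            ):
                body.append(lines[i].strip())
                i += 1
            yield line_no, "\n".join(body)
            continue
        yield line_no, value
        i += 1


def find_injections(workflow_text):
    """Return [(line_no, expression)] for run steps that embed untrusted data."""
    return [
        (line_no, m.group(1))
        for line_no, script in run_steps(workflow_text)
        for m in EXPR_RE.finditer(script)
        if UNTRUSTED_RE.search(m.group(1))
    ]


def shell_sees(script, comment_body):
    """The text the runner hands to the shell. ${{ }} expressions are replaced
    before the shell parses the script, so quoting in the YAML cannot stop a
    comment body that closes the quote. Only comment.body is substituted here."""
    return EXPR_RE.sub(
        lambda m: comment_body if "comment.body" in m.group(1) else m.group(0),
        script,
    )


VULNERABLE = """\
name: bibtex-on-comment
on:
  issue_comment:
    types: [created]
jobs:
  wenxian:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: pip install wenxian
      - name: Generate BibTeX from the comment
        run: |
          wenxian from "${{ github.event.comment.body }}" > out.bib
"""

# Hardened form: the expression lands in an environment variable and the
# script references "$COMMENT", so the script text never changes with input.
HARDENED = VULNERABLE.replace(
    '        run: |\n          wenxian from "${{ github.event.comment.body }}" > out.bib\n',
    '        env:\n          COMMENT: ${{ github.event.comment.body }}\n'
    '        run: |\n          wenxian from "$COMMENT" > out.bib\n',
)

if __name__ == "__main__":
    crafted = 'x"; echo injected; "'  # constructed, benign metacharacter test
    print("vulnerable:", find_injections(VULNERABLE))
    print("hardened:  ", find_injections(HARDENED))
    print("shell runs:", shell_sees(dict(run_steps(VULNERABLE))[12], crafted))
    print("shell runs:", shell_sees(dict(run_steps(HARDENED))[14], crafted))
```

The env indirection removes the injection, but it is not input validation: the comment still reaches wenxian as an argument. A workflow of this shape should additionally check that the body matches the identifier format it expects (a DOI, PMID or arXiv ID) before invoking the tool, and can gate the trigger on github.event.comment.author_association so that only collaborators can drive it.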

The GitHub security advisory (GHSA-r4fj-r33x-8v88) notes that, at the time of publication on 2026-03-31, no publicly available patches exist for this issue.

Vulnerability details

wenxian is a tool to generate BibTeX files from given identifiers (DOI, PMID, arXiv ID, or paper title). In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issue_comment.body directly inside a shell command, allowing potential command injection and arbitrary code execution on the runner. At time of publication, there are no publicly available patches.

CWE(s)

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1677 Poisoned Pipeline Execution (tactic: Execution)
Adversaries may manipulate continuous integration / continuous delivery (CI/CD) processes by injecting malicious code into the build process.
T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.004 Unix Shell (tactic: Execution)
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

Command injection through issue comments in a GitHub Actions workflow lets an attacker poison the pipeline (T1677) by way of an Internet-facing application (T1190), with the payload executing in the runner's Unix shell (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-7204 (shared CWE-77, CWE-78)
CVE-2026-2152 (shared CWE-77, CWE-78)
CVE-2026-5677 (shared CWE-77, CWE-78)
CVE-2026-2157 (shared CWE-77, CWE-78)
CVE-2026-7136 (shared CWE-77, CWE-78)
CVE-2026-7121 (shared CWE-77, CWE-78)
CVE-2026-9387 (shared CWE-77, CWE-78)
CVE-2026-9477 (shared CWE-77, CWE-78)
CVE-2026-2063 (shared CWE-77, CWE-78)
CVE-2026-2847 (shared CWE-77, CWE-78)

Affected Assets

njzjz wenxian, versions ≤ 0.3.1

Mitigating Controls (NIST 800-53 r5) (AI)

SI-10 Information Input Validation (prevent)
Directly requires validation and sanitization of untrusted user input from issue_comment.body before it is used in a shell command, which prevents the command injection.

SI-2 Flaw Remediation (prevent, recover)
Mandates identification, reporting, and correction of flaws such as this command injection in the GitHub Actions workflow.

Configuration settings (prevent)
Ensures secure configuration of GitHub Actions workflows, including input-handling practices such as passing event data to scripts through environment variables rather than interpolating it into run: commands, which mitigates direct shell command injection.
