CVE-2026-40316
Published: 15 April 2026
Summary
CVE-2026-40316 is a high-severity Code Injection (CWE-94) vulnerability. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Compromise Software Supply Chain (T1195.002); ranked at the 20.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SA-15 (Development Process, Standards, and Tools).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Mandates secure development standards and tools for CI/CD pipelines like GitHub Actions workflows to prevent execution of untrusted code from pull requests.
Enforces secure configuration settings for GitHub Actions workflows, avoiding high-privilege pull_request_target triggers without safeguards against untrusted file execution.
Applies least privilege to GITHUB_TOKEN and repository secrets in workflows, limiting the scope of compromise from RCE exploitation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability in GitHub Actions workflow enables malicious Python code injection via PR (executed on import during makemigrations), directly facilitating supply chain compromise of the repository/CI environment and arbitrary Python code execution.
NVD Description
OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workflows/regenerate-migrations.yml workflow. The workflow uses the pull_request_target trigger to run with full…
more
GITHUB_TOKEN write permissions, copies attacker-controlled files from untrusted pull requests into the trusted runner workspace via git show, and then executes python manage.py makemigrations, which imports Django model modules including attacker-controlled website/models.py at runtime. Any module-level Python code in the attacker's models.py is executed during import, enabling arbitrary code execution in the privileged CI environment with access to GITHUB_TOKEN and repository secrets. The attack is triggerable by any external contributor who can open a pull request, provided a maintainer applies the regenerate-migrations label, potentially leading to secret exfiltration, repository compromise, and supply chain attacks. A patch for this issue is expected to be released in version 2.1.1.
Deeper analysisAI
CVE-2026-40316 is a remote code execution (RCE) vulnerability with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), associated with CWEs 94 and 95, affecting OWASP BLT versions prior to 2.1.1. OWASP BLT is a QA testing and vulnerability disclosure platform encompassing websites, apps, git repositories, and more. The vulnerability exists in the .github/workflows/regenerate-migrations.yml GitHub Actions workflow, which uses the pull_request_target trigger to run with full GITHUB_TOKEN write permissions.
Any external contributor can exploit this by opening a pull request containing malicious code in website/models.py. If a maintainer applies the "regenerate-migrations" label, the workflow copies attacker-controlled files from the untrusted pull request into the trusted runner workspace via git show and executes python manage.py makemigrations. This command imports Django model modules, including the attacker's models.py, at runtime, executing any module-level Python code and enabling arbitrary code execution in the privileged CI environment. Attackers gain access to the GITHUB_TOKEN and repository secrets, potentially leading to secret exfiltration, repository compromise, and supply chain attacks.
A patch for this issue is expected to be released in OWASP BLT version 2.1.1. Additional details are available in the GitHub security advisory at https://github.com/OWASP-BLT/BLT/security/advisories/GHSA-wxm3-64fx-cmx9.
Details
- CWE(s)