Cyber Resilience

CVE-2026-40316

HighPublic PoCRCE

Published: 15 April 2026

Published
15 April 2026
Modified
21 May 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0041 32.7th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-40316 is a high-severity Code Injection (CWE-94) vulnerability in Owasp Owasp Blt. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Compromise Software Supply Chain (T1195.002); ranked at the 32.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SA-15 (Development Process, Standards, and Tools).

Deeper analysis

CVE-2026-40316 is a remote code execution (RCE) vulnerability with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), associated with CWEs 94 and 95, affecting OWASP BLT versions prior to 2.1.1. OWASP BLT is a QA testing and vulnerability disclosure platform encompassing websites, apps, git repositories, and more. The vulnerability exists in the .github/workflows/regenerate-migrations.yml GitHub Actions workflow, which uses the pull_request_target trigger to run with full GITHUB_TOKEN write permissions.

Any external contributor can exploit this by opening a pull request containing malicious code in website/models.py. If a maintainer applies the "regenerate-migrations" label, the workflow copies attacker-controlled files from the untrusted pull request into the trusted runner workspace via git show and executes python manage.py makemigrations. This command imports Django model modules, including the attacker's models.py, at runtime, executing any module-level Python code and enabling arbitrary code execution in the privileged CI environment. Attackers gain access to the GITHUB_TOKEN and repository secrets, potentially leading to secret exfiltration, repository compromise, and supply chain attacks.

A patch for this issue is expected to be released in OWASP BLT version 2.1.1. Additional details are available in the GitHub security advisory at https://github.com/OWASP-BLT/BLT/security/advisories/GHSA-wxm3-64fx-cmx9.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workflows/regenerate-migrations.yml workflow. The workflow uses the pull_request_target trigger to run with full…

more

GITHUB_TOKEN write permissions, copies attacker-controlled files from untrusted pull requests into the trusted runner workspace via git show, and then executes python manage.py makemigrations, which imports Django model modules including attacker-controlled website/models.py at runtime. Any module-level Python code in the attacker's models.py is executed during import, enabling arbitrary code execution in the privileged CI environment with access to GITHUB_TOKEN and repository secrets. The attack is triggerable by any external contributor who can open a pull request, provided a maintainer applies the regenerate-migrations label, potentially leading to secret exfiltration, repository compromise, and supply chain attacks. A patch for this issue is expected to be released in version 2.1.1.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1195.002 Compromise Software Supply Chain Initial Access
Adversaries may manipulate application software prior to receipt by a final consumer for the purpose of data or system compromise.
T1059.006 Python Execution
Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

Vulnerability in GitHub Actions workflow enables malicious Python code injection via PR (executed on import during makemigrations), directly facilitating supply chain compromise of the repository/CI environment and arbitrary Python code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-21876Same vendor: Owasp
CVE-2026-0863Shared CWE-94, CWE-95
CVE-2026-33691Same vendor: Owasp
CVE-2025-66022Same vendor: Owasp
CVE-2026-28505Shared CWE-94, CWE-95
CVE-2025-54322Shared CWE-94, CWE-95
CVE-2026-46586Shared CWE-94, CWE-95
CVE-2026-42603Shared CWE-94, CWE-95
CVE-2026-22666Shared CWE-94, CWE-95
CVE-2025-24893Shared CWE-94, CWE-95

Affected Assets

owasp
owasp blt
≤ 2.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Mandates secure development standards and tools for CI/CD pipelines like GitHub Actions workflows to prevent execution of untrusted code from pull requests.

prevent

Enforces secure configuration settings for GitHub Actions workflows, avoiding high-privilege pull_request_target triggers without safeguards against untrusted file execution.

prevent

Applies least privilege to GITHUB_TOKEN and repository secrets in workflows, limiting the scope of compromise from RCE exploitation.

References