Cyber Resilience

CVE-2026-44590

Critical · RCE

Published: 27 May 2026

Modified: 29 May 2026
KEV Added
Patch
CVSS Score (v3.1): 9.3 · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N
EPSS Score: 0.0114 · 62.7th percentile
Risk Priority: 70 · floored blend · peak EPSS

Summary

CVE-2026-44590 is a critical-severity OS Command Injection (CWE-78) vulnerability. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 37.3% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2026-44590 affects the Sherlock social media username search tool prior to version 0.16.1. The vulnerability is a command injection flaw (CWE-78) in the validate_modified_targets.yml GitHub Actions workflow, which uses the pull_request_target trigger. It carries a CVSS 3.1 score of 9.3, reflecting a network attack vector, low attack complexity, no privileges or user interaction required, and a confidentiality and integrity impact within the CI environment.

Any unauthenticated GitHub user can trigger the issue simply by opening a pull request against the repository. Successful exploitation allows arbitrary command execution on the workflow runner and exfiltration of the GITHUB_TOKEN without requiring approval, review, or merge of the pull request.

The project security advisory GHSA-v6wr-ccr4-x8g9 states that the flaw is resolved in release 0.16.1. The associated EPSS score remains low and unchanged at 0.0138 with no observed upward trajectory after disclosure.


Vulnerability details

Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validate_modified_targets.yml is vulnerable to command injection via the pull_request_target trigger. Any GitHub user can execute arbitrary commands on the CI runner and exfiltrate the GITHUB_TOKEN by opening a pull request. No approval, review, or merge is required. This vulnerability is fixed in 0.16.1.


Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Why these techniques?

The pull_request_target workflow enables unauthenticated command injection (CWE-78) on a public CI runner, which directly matches exploitation of a public-facing application (T1190) and arbitrary command execution (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-28470 · shared CWE-78
CVE-2025-69269 · shared CWE-78
CVE-2025-24971 · shared CWE-78
CVE-2026-22553 · shared CWE-78
CVE-2026-22901 · shared CWE-78
CVE-2026-1345 · shared CWE-78
CVE-2026-6349 · shared CWE-78
CVE-2025-9588 · shared CWE-78
CVE-2026-24689 · shared CWE-78
CVE-2025-0457 · shared CWE-78


Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent: Directly blocks command injection by requiring validation/sanitization of untrusted pull-request data before it is used in shell commands within the workflow.

prevent: Enforces least-privilege scoping of the GITHUB_TOKEN so that even a successful injection cannot exfiltrate high-value credentials or perform unauthorized repository actions.

prevent: Restricts the workflow to only the minimal set of actions, triggers, and shell features needed, eliminating the dangerous pull_request_target + unchecked input pattern.
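The deeper analysis and the three controls above describe one workflow pattern: a pull_request_target trigger, pull-request fields expanded inside shell steps, and a token that is not scoped down. That pattern can be checked mechanically before it is merged. The checker below is an added example, not the Sherlock project's workflow or tooling, and the two workflow texts it scans are constructed for illustration; they do not reproduce validate_modified_targets.yml. The list of untrusted event fields is a heuristic assumption rather than GitHub's complete list, and the line-based `run:` parsing is deliberately simple (no YAML library is needed).

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Added example (not the Sherlock project's code): heuristic audit for the
# GitHub Actions pattern behind CVE-2026-44590. It flags (1) a pull_request_target
# trigger, (2) attacker-controllable event fields expanded inside `run:` steps,
# and (3) a missing top-level least-privilege `permissions:` block.

# Event fields an outside contributor controls: PR/issue titles and bodies,
# branch names, comment text. Heuristic list (assumption), not exhaustive.
UNTRUSTED_EXPR = re.compile(
    r"\$\{\{\s*(?:github\.head_ref"
    r"|github\.event\.(?:pull_request|issue|comment|review|review_comment)\.[^}]*?)"
    r"\s*\}\}"
)
RUN_KEY = re.compile(r"^(\s*)(?:-\s+)?run:\s*(.*)$")
PRIVILEGED_TRIGGER = re.compile(r"(?<![\w.-])pull_request_target(?![\w-])")
TOP_LEVEL_PERMISSIONS = re.compile(r"^permissions\s*:", re.M)


@dataclass
class Finding:
    line: int    # 1-based line in the workflow text; 0 means "whole file"
    kind: str    # "privileged-trigger" | "injection" | "permissions"
    detail: str


def _run_blocks(lines: list[str]):
    """Yield (first_line, script) for every `run:` step (1-based line numbers)."""
    i = 0
    while i < len(lines):
        m = RUN_KEY.match(lines[i])
        if not m:
            i += 1
            continue
        key_indent, value = len(m.group(1)), m.group(2).strip()
        if value.startswith(("|", ">")):
            # Block scalar: the script is every following line indented past the key.
            body, i = [], i + 1
            first = i + 1
            while i < len(lines) and (
                not lines[i].strip() or len(lines[i]) - len(lines[i].lstrip()) > key_indent
            ):
                body.append(lines[i])
                i += 1
            yield first, "\n".join(body)
        else:
            yield i + 1, value
            i += 1


def audit_workflow(text: str) -> list[Finding]:
    """Return findings for one workflow file's text, in file order."""
    lines = text.splitlines()
    findings: list[Finding] = []
    privileged = PRIVILEGED_TRIGGER.search(text) is not None
    if privileged:
        line = next(n for n, l in enumerate(lines, 1) if PRIVILEGED_TRIGGER.search(l))
        findings.append(Finding(line, "privileged-trigger",
            "pull_request_target runs in the base repository's context with a write-capable "
            "GITHUB_TOKEN and secrets; untrusted PR data must not reach shell steps"))
    for first, script in _run_blocks(lines):
        for m in UNTRUSTED_EXPR.finditer(script):
            offset = script[: m.start()].count("\n")
            severity = "high (privileged trigger)" if privileged else "medium"
            findings.append(Finding(first + offset, "injection",
                f"{m.group(0)} expanded in a shell step; severity {severity}"))
    if not TOP_LEVEL_PERMISSIONS.search(text):
        findings.append(Finding(0, "permissions",
            "no top-level permissions block; token scope falls back to repository defaults"))
    return findings


# Constructed weak workflow: privileged trigger + event text interpolated into the shell.
VULNERABLE_WORKFLOW = """\
name: validate-targets
on: [pull_request_target]
jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Report the incoming change
        run: |
          echo "PR title: ${{ github.event.pull_request.title }}"
          echo "from branch ${{ github.head_ref }}"
"""

# Constructed hardened workflow: unprivileged trigger, read-only token,
# event data passed through env so the shell sees a variable, not expanded text.
HARDENED_WORKFLOW = """\
name: validate-targets
on: [pull_request]
permissions:
  contents: read
jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Report the incoming change
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
          PR_BRANCH: ${{ github.head_ref }}
        run: |
          echo "PR title: $PR_TITLE"
          echo "from branch $PR_BRANCH"
"""

if __name__ == "__main__":
    for label, text in (("vulnerable", VULNERABLE_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(f"== {label}: {len(audit_workflow(text))} finding(s)")
        for f in audit_workflow(text):
            print(f"  line {f.line}: [{f.kind}] {f.detail}")
```

Running the file prints four findings for the weak workflow (the trigger, two shell-step expansions, and the absent permissions block) and none for the hardened one. The env-variable indirection is the key change: a value placed in `env:` reaches the step as data, whereas `${{ ... }}` inside `run:` is substituted into the script text before the shell parses it, which is exactly how attacker-controlled text becomes a command.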
