Vulnerabilities in nektos

3 results

CVE-2023-22726HIGHUnrestricted file upload leading to privilege escalation in actEPSS 1.3%CVE-2026-34041HIGHact: Unrestricted set-env and add-path command processing enables environment injectionEPSS 0.6%CVE-2026-34042HIGHact: actions/cache server allows malicious cache injectionEPSS 0.5%