pkg:Go/github.com/nektos/act

6 total CVEsHIGH4

✅ Check your installed version

All known vulnerabilities

  • HIGH8.8CVE-2023-22726act vulnerable to arbitrary file upload in artifact server in github.com/nektos/act
    from 0, < 0.2.40
  • HIGH8.8CVE-2023-22726act vulnerable to arbitrary file upload in artifact server in github.com/nektos/act
    from 0, < 0.2.40
  • HIGH8.2CVE-2026-34042act: actions/cache server allows malicious cache injection
    from 0, < 0.2.86
  • HIGH8.2CVE-2026-34042act: actions/cache server allows malicious cache injection
    from 0, < 0.2.86
  • CVE-2026-34041act: Unrestricted set-env and add-path command processing enables environment injection
    from 0, < 0.2.86
  • CVE-2026-34041act: Unrestricted set-env and add-path command processing enables environment injection
    from 0, < 0.2.86