OS Command Injection in trivy-action - CVE-2026-26189
Published: April 4, 2026
Vulnerability identifier: #VU124869
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-26189
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Aqua Security
Affected software:
trivy-action
trivy-action
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary commands.
The vulnerability exists due to improper neutralization of special elements used in an os command in the composite action environment variable export and sourcing logic when processing attacker-controlled action inputs into trivy_envs.txt. A remote privileged user can supply input containing shell metacharacters to execute arbitrary commands.
The issue affects workflows that pass attacker-controlled data into action inputs that are written to trivy_envs.txt and then sourced by entrypoint.sh, resulting in command execution in the GitHub Actions runner context.
How to mitigate CVE-2026-26189
Install security update from vendor's website.