Description
Mesa is an open-source Python library for agent-based modeling, simulating complex systems and exploring emergent behaviors. In version 3.5.0 and prior, checking out of untrusted code in benchmarks.yml workflow may lead to code execution in privileged runner. This issue has been patched via commit c35b8cd.
Published: 2026-03-06
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

Mesa is an open-source Python library. In versions 3.5.0 and earlier, the benchmarks.yml workflow could be manipulated to execute arbitrary code in a privileged GitHub Actions runner. The flaw is a classic code injection error (CWE-94). It allows an attacker to run malicious commands with the permissions of the runner, resulting in a full compromise of the CI environment.

Affected Systems

The vulnerability affects the Mesa library (mesa:mesa) versions 3.5.0 and older. All installations that rely on these versions and use the benchmarks.yml CI workflow are susceptible. The issue was resolved by commit c35b8cd, so newer releases are not affected.

Risk and Exploitability

The CVSS score is 8.3, reflecting high severity. The EPSS score is less than 1%, indicating a low probability of widespread exploitation at present, and the vulnerability is not listed in CISA's KEV catalog. An attacker would need to supply untrusted code that the benchmarks.yml workflow checks out, but once checked out that code runs directly in a privileged runner with no additional prerequisites. Until a patch is applied, the risk remains high for CI environments that run the workflow.

Generated by OpenCVE AI on April 16, 2026 at 11:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Mesa library to a version newer than 3.5.0, which includes the patch that fixes the code injection risk.
  • If an upgrade is not immediately possible, apply the hotfix commit c35b8cd to the source of the benchmarks.yml workflow or to the repository containing the library.
  • Restrict the benchmarks.yml workflow to run only with trusted source code, and remove or disable privileged runners until the update is performed.
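The hardening the last recommended action describes, shown as an added example rather than code from the Mesa project (the content of Mesa's benchmarks.yml and of fix commit c35b8cd is not on this page): a heuristic Python audit for the GitHub Actions pattern assumed to underlie this bug class, a `pull_request_target` job that checks out the pull request's head commit and then executes it, together with constructed workflow snippets for the weak shape and the corrected `pull_request` shape. `pull_request_target`, `pull_request`, `actions/checkout` and the `github.event.pull_request.head.*` expressions are real GitHub Actions identifiers; everything else in the snippets (job names, `benchmarks/run.py`) is constructed.

```python
"""Heuristic audit for the GitHub Actions pattern behind this advisory: a
privileged workflow that checks out, and then runs, pull-request code.
Added example, not Mesa project or OpenCVE code. The workflow snippets are
constructed; Mesa's real benchmarks.yml and fix commit c35b8cd are not on
this page, so the shapes below are the generic form of this bug class."""
import re
from dataclasses import dataclass, field

# pull_request_target runs in the BASE repository's context: the job gets a
# write-capable GITHUB_TOKEN and repository secrets even for a fork's PR.
PRIVILEGED_TRIGGER = re.compile(r"\bpull_request_target\b")

# Expressions that resolve to the PR author's commit; checking one of these
# out inside a privileged job puts untrusted files next to the secrets.
PR_HEAD_REF = re.compile(r"github\.(event\.pull_request\.head\.(sha|ref)|head_ref)\b")

# Common ways a later `run:` step executes code from that checkout
# (setup.py/pyproject install hooks, scripts, Makefiles, npm scripts).
CODE_EXEC_HINTS = re.compile(
    r"pip install\s+(-e\s+)?\.|python\s+\S+\.py|\bmake\b|npm (ci|install)|\./"
)


@dataclass
class Finding:
    line_no: int
    text: str
    reason: str  # "checkout-pr-head" or "runs-checked-out-code"


@dataclass
class AuditResult:
    privileged: bool
    findings: list = field(default_factory=list)

    @property
    def risky(self) -> bool:
        # All three must hold: privileged trigger, PR-head checkout, execution.
        reasons = {f.reason for f in self.findings}
        return self.privileged and {"checkout-pr-head", "runs-checked-out-code"} <= reasons


def strip_comment(line: str) -> str:
    # Drops YAML comments; a '#' inside a quoted string goes too (acceptable here).
    return line.split("#", 1)[0]


def audit_workflow(text: str) -> AuditResult:
    """Line-oriented scan of one workflow file's text (no YAML parser needed)."""
    lines = [strip_comment(l) for l in text.splitlines()]
    result = AuditResult(privileged=any(PRIVILEGED_TRIGGER.search(l) for l in lines))
    seen_pr_head_checkout = False  # exec hints only count after a PR-head checkout
    for no, line in enumerate(lines, start=1):
        if PR_HEAD_REF.search(line):
            result.findings.append(Finding(no, line.strip(), "checkout-pr-head"))
            seen_pr_head_checkout = True
        elif seen_pr_head_checkout and "run:" in line and CODE_EXEC_HINTS.search(line):
            result.findings.append(Finding(no, line.strip(), "runs-checked-out-code"))
    return result


# Constructed sample 1: the vulnerable shape.
VULNERABLE_WORKFLOW = """\
name: benchmarks
on:
  pull_request_target:
jobs:
  bench:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: pip install -e .
      - run: python benchmarks/run.py
"""

# Constructed sample 2: the hardened shape. Under `pull_request` a fork's PR
# gets a read-only token and no secrets, so running its code is contained.
FIXED_WORKFLOW = """\
name: benchmarks
on:
  pull_request:
jobs:
  bench:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: pip install -e .
      - run: python benchmarks/run.py
"""

if __name__ == "__main__":
    for name, wf in [("vulnerable", VULNERABLE_WORKFLOW), ("fixed", FIXED_WORKFLOW)]:
        r = audit_workflow(wf)
        print(name, "privileged=%s risky=%s" % (r.privileged, r.risky),
              [(f.line_no, f.reason) for f in r.findings])
```

Run it over each file under `.github/workflows/` by passing the file's text to `audit_workflow`. The scan is deliberately quiet on the unprivileged side: a `pull_request` job that runs PR code is not flagged, because a fork's PR gets a read-only token and no secrets there. Where a privileged job genuinely needs build output from a PR, the usual fix is to produce it in an unprivileged `pull_request` job and let a separate `workflow_run` job consume the artifact as data only, never as code.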



Advisories

No advisories yet.

History

Wed, 11 Mar 2026 00:30:00 +0000

First Time appeared
  Values added: Mesa Project; Mesa Project mesa
CPEs
  Values added: cpe:2.3:a:mesa_project:mesa:*:*:*:*:*:python:*:*
Vendors & Products
  Values added: Mesa Project; Mesa Project mesa

Mon, 09 Mar 2026 15:30:00 +0000

Metrics
  Values added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Mar 2026 10:15:00 +0000

First Time appeared
  Values added: Mesa; Mesa mesa
Vendors & Products
  Values added: Mesa; Mesa mesa

Fri, 06 Mar 2026 16:45:00 +0000

Description
  Values added: Mesa is an open-source Python library for agent-based modeling, simulating complex systems and exploring emergent behaviors. In version 3.5.0 and prior, checking out of untrusted code in benchmarks.yml workflow may lead to code execution in privileged runner. This issue has been patched via commit c35b8cd.
Title
  Values added: Mesa: Checking out of untrusted code in `benchmarks.yml` workflow may lead to code execution in privileged runner
Weaknesses
  Values added: CWE-94
References
Metrics
  Values added: cvssV3_1 {'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-09T15:00:07.203Z

Reserved: 2026-03-03T20:51:43.483Z

Link: CVE-2026-29075

Vulnrichment

Updated: 2026-03-09T14:59:57.569Z

NVD

Status: Analyzed

Published: 2026-03-06T17:16:34.167

Modified: 2026-03-11T00:21:12.510

Link: CVE-2026-29075

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T11:30:15Z

Weaknesses