Description
Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in jellyfin/jellyfin-ios is vulnerable to arbitrary code execution via pull requests from forked repositories. Due to the workflow's elevated permissions (nearly all write permissions), this vulnerability enables full repository takeover of jellyfin/jellyfin-ios, exfiltration of highly privileged secrets, Apple App Store supply chain attack, GitHub Container Registry (ghcr.io) package poisoning, and full jellyfin organization compromise via cross-repository token usage. Note: This is not a code vulnerability, but a vulnerability in the GitHub Actions workflows. No new version is required for this GHSA and end users do not need to take any actions.
Published: 2026-03-11
Score: 10 (Critical)
EPSS: < 1% (Very Low)
KEV: No
Impact: Repository takeover and secret disclosure
Action: No action needed
AI Analysis

Impact

An elevated-permission GitHub Actions workflow named code-quality.yml in the jellyfin/jellyfin-ios repository allows arbitrary code execution when a pull request originates from a forked repository. Because the workflow runs with nearly all write permissions, a malicious actor can execute code with those permissions, leading to a full takeover of the repository, exfiltration of privileged secrets, and the potential for supply-chain attacks on the Apple App Store build and package poisoning in GitHub Container Registry. The weakness is a privilege escalation caused by improper workflow configuration (CWE-269).

Affected Systems

The vulnerability exists in the code-quality.yml workflow used by the jellyfin organization on GitHub. It is not tied to a particular software version: any use of this workflow in the jellyfin/jellyfin-ios repository is affected. End users of the iOS client do not need to take action, but maintainers of the repository must review workflow permissions.

Risk and Exploitability

The flaw carries the maximum severity score of 10, indicating the highest damage potential if exploited. The estimated exploit probability (EPSS) is below 1%, suggesting that active attacks have not been observed yet. The vulnerability is not listed in the Known Exploited Vulnerabilities catalog, which further implies limited public exploitation. The attack vector can be inferred to be a pull request from a forked repository that triggers the workflow, requiring only the ability to open such a PR. Once the workflow runs, the attacker can obtain repository administration rights and confidential secrets.

Generated by OpenCVE AI on March 20, 2026 at 17:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Limit the permissions granted to the code-quality.yml workflow by removing write and administration scopes
  • Configure the workflow to refuse runs triggered by pull requests from forked repositories
  • Remove or guard any sensitive secrets exposed to the workflow environment
  • Apply branch protection rules to the main branch to require review and status checks before merging
  • Audit the repository’s workflow run history for unexpected or unauthorized executions

Generated by OpenCVE AI on March 20, 2026 at 17:55 UTC.
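A defender-side audit of the pattern the recommended actions above address, added here and not part of OpenCVE's, Jellyfin's or the jellyfin-ios repository's material: given a workflow already parsed by a YAML loader (for example yaml.safe_load), it flags a `pull_request_target` trigger combined with write permissions, a checkout of the fork's head, or secrets handed to a step. The two sample workflows are constructed to show the shape of the issue and the hardened form; they are not the real jellyfin-ios code-quality.yml, and the `pull_request_target` trigger and `swiftlint` step are assumptions.

```python
from typing import Any

WRITE_VALUES = {"write", "write-all"}
# Refs that point at the fork's code; under pull_request_target, checkout defaults to the base branch.
FORK_REFS = ("pull_request.head.sha", "pull_request.head.ref", "refs/pull/")


def has_write(perms: Any) -> bool:
    """True for a top-level `write-all` or any scope explicitly set to `write`."""
    if isinstance(perms, dict):
        return any(v in WRITE_VALUES for v in perms.values())
    return perms in WRITE_VALUES


def audit_workflow(wf: dict[str, Any]) -> list[str]:
    """Return findings for one parsed workflow; an empty list means the pattern was not found."""
    findings: list[str] = []
    # PyYAML parses the bare key `on` as boolean True (YAML 1.1), so accept both spellings.
    triggers = wf.get("on", wf.get(True, []))
    if "pull_request_target" not in ([triggers] if isinstance(triggers, str) else triggers):
        return findings  # plain pull_request runs from forks get a read-only token and no secrets
    if "permissions" not in wf:
        findings.append("pull_request_target with no permissions block (inherits repository default)")
    elif has_write(wf["permissions"]):
        findings.append("pull_request_target with write permissions at workflow level")
    for name, job in wf.get("jobs", {}).items():
        if has_write(job.get("permissions")):
            findings.append(f"job {name}: write permissions under pull_request_target")
        for step in job.get("steps", []):
            ref = str(step.get("with", {}).get("ref", ""))
            if str(step.get("uses", "")).startswith("actions/checkout") and any(r in ref for r in FORK_REFS):
                findings.append(f"job {name}: checks out fork code ({ref}) with a privileged token")
            if "secrets." in str(step.get("run", "")) + str(step.get("env", "")):
                findings.append(f"job {name}: passes secrets into a step that may run fork-controlled code")
    return findings


# Constructed sample of the risky shape; not the real jellyfin-ios code-quality.yml.
RISKY = {
    "name": "code-quality", "on": ["pull_request_target"],
    "permissions": {"contents": "write", "packages": "write"},
    "jobs": {"lint": {"runs-on": "macos-latest", "steps": [
        {"uses": "actions/checkout@v4", "with": {"ref": "${{ github.event.pull_request.head.sha }}"}},
        {"run": "swiftlint", "env": {"TOKEN": "${{ secrets.ORG_TOKEN }}"}}]}},
}
# Hardened form: plain pull_request trigger, read-only token, no secrets in the lint step.
HARDENED = {
    "name": "code-quality", "on": ["pull_request"], "permissions": "read-all",
    "jobs": {"lint": {"runs-on": "macos-latest", "steps": [{"uses": "actions/checkout@v4"}, {"run": "swiftlint"}]}},
}
```

Running audit_workflow(RISKY) returns three findings (workflow-level write permissions, fork checkout, secrets in the step) and audit_workflow(HARDENED) returns none; the same checks can be run over every file under .github/workflows as part of the audit step listed above.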


Advisories

No advisories yet.

History

Fri, 20 Mar 2026 16:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Jellyfin jellyfin
CPEs | | cpe:2.3:a:jellyfin:jellyfin:-:*:*:*:*:*:*:*
Vendors & Products | | Jellyfin jellyfin

Thu, 12 Mar 2026 10:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Jellyfin; Jellyfin code-quality.yml
Vendors & Products | | Jellyfin; Jellyfin code-quality.yml

Wed, 11 Mar 2026 18:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 17:15:00 +0000

Type | Values Removed | Values Added
Description | | Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in jellyfin/jellyfin-ios is vulnerable to arbitrary code execution via pull requests from forked repositories. Due to the workflow's elevated permissions (nearly all write permissions), this vulnerability enables full repository takeover of jellyfin/jellyfin-ios, exfiltration of highly privileged secrets, Apple App Store supply chain attack, GitHub Container Registry (ghcr.io) package poisoning, and full jellyfin organization compromise via cross-repository token usage. Note: This is not a code vulnerability, but a vulnerability in the GitHub Actions workflows. No new version is required for this GHSA and end users do not need to take any actions.
Title | | Jellyfin Possible Organization/Secret Compromise from dangerous CI implementation
Weaknesses | | CWE-269
References | |
Metrics | | cvssV3_1 {'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-11T17:40:14.800Z

Reserved: 2026-03-09T19:02:25.010Z

Link: CVE-2026-31852

Vulnrichment

Updated: 2026-03-11T17:40:01.166Z

NVD

Status: Analyzed

Published: 2026-03-11T17:16:58.600

Modified: 2026-03-20T16:39:05.340

Link: CVE-2026-31852

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-23T09:55:22Z

Weaknesses