Description
Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, GitHub Actions workflow files contained shell injection points where user-controlled workflow_dispatch inputs were interpolated directly into shell commands via ${{ }} expression syntax. An attacker with repository write access could inject arbitrary shell commands, leading to repository poisoning and supply chain compromise affecting all downstream users. This vulnerability is fixed in 8.39.0.
Published: 2026-04-07
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Code Execution via Shell Injection
Action: Apply Patch
AI Analysis

Impact

User‑controlled workflow_dispatch inputs are directly interpolated into shell commands within GitHub Actions workflow files, creating a shell injection point. An attacker capable of writing to the repository can inject arbitrary shell commands, leading to repository poisoning and a supply chain compromise that affects all downstream users. The weakness is a classic command injection attack and is listed as CWE‑77.

Affected Systems

Emissary, a peer‑to‑peer data‑driven workflow engine, is affected on all releases prior to version 8.39.0. The vulnerability is present in the GitHub Actions workflow files that use the legacy shell command interpolation syntax.

Risk and Exploitability

The CVSS score of 9.1 indicates a critical severity. Although the EPSS score is not available, the vulnerability is not catalogued in the CISA KEV list. The likely attack vector requires repository write access, meaning developers or contributors who can push to the repository can trigger the injection. The impact is wide‑ranging, potentially enabling arbitrary code execution and compromising the integrity of the repository and downstream software that relies on it.

Generated by OpenCVE AI on April 7, 2026 at 22:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Emissary to version 8.39.0 or later.

Generated by OpenCVE AI on April 7, 2026 at 22:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-3g6g-gq4r-xjm9 Emissary has GitHub Actions Shell Injection via Workflow Inputs
History

Thu, 16 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Nsa
Nsa emissary
CPEs cpe:2.3:a:nsa:emissary:*:*:*:*:*:*:*:*
Vendors & Products Nsa
Nsa emissary

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Nationalsecurityagency
Nationalsecurityagency emissary
Vendors & Products Nationalsecurityagency
Nationalsecurityagency emissary

Tue, 07 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
Description Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, GitHub Actions workflow files contained shell injection points where user-controlled workflow_dispatch inputs were interpolated directly into shell commands via ${{ }} expression syntax. An attacker with repository write access could inject arbitrary shell commands, leading to repository poisoning and supply chain compromise affecting all downstream users. This vulnerability is fixed in 8.39.0.
Title Emissary has GitHub Actions Shell Injection via Workflow Inputs
Weaknesses CWE-77
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Nationalsecurityagency Emissary
Nsa Emissary
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-07T18:25:26.662Z

Reserved: 2026-04-03T20:09:02.827Z

Link: CVE-2026-35580

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T17:16:33.307

Modified: 2026-04-16T17:59:02.860

Link: CVE-2026-35580

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:48:09Z

Weaknesses