Description
Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validate_modified_targets.yml is vulnerable to command injection via the pull_request_target trigger. Any GitHub user can execute arbitrary commands on the CI runner and exfiltrate the GITHUB_TOKEN by opening a pull request. No approval, review, or merge is required. This vulnerability is fixed in 0.16.1.
Published: 2026-05-27
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Sherlock is a tool for searching social media accounts. The GitHub Actions workflow validate_modified_targets.yml contains a flaw that allows command injection when triggered by a pull_request_target event. An attacker can execute arbitrary commands on the CI runner and steal the GITHUB_TOKEN by simply opening a pull request. The token provides full access to the repository, enabling any repository action.

Affected Systems

The vulnerability affects all releases of the Sherlock Project's Sherlock before version 0.16.1. Any contributor who can open a pull request against a repository that hosts the vulnerable workflow can trigger the injection. The affected product is Sherlock, the open-source social-media hunting tool hosted on github.com/sherlock-project/sherlock.

Risk and Exploitability

The CVSS score of 9.3 classifies the vulnerability as critical. No EPSS score is available, and its absence from CISA's KEV catalog does not reduce the risk. Exploitation requires only the ability to open a pull request; no review, approval, or merge is needed. The attacker can run arbitrary commands on the CI runner, exfiltrate the repository token, and then use that token to perform any action that the token permits.

Generated by OpenCVE AI on May 27, 2026 at 22:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Sherlock to version 0.16.1 or later to remove the vulnerable workflow file.
  • Disable or restrict the pull_request_target trigger in validate_modified_targets.yml by removing the workflow file, altering the trigger, or limiting it to trusted users.
  • Reconfigure the workflow to use the permissions key with the minimal required scopes, or replace the default GITHUB_TOKEN with a token that has limited access.
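The three recommended actions above amount to one hardening of the workflow file: stop running pull-request-controlled input under pull_request_target, pin the job's permissions to the minimum, and keep PR-controlled values out of shell interpolation. The following is an added illustration of that hardening, not Sherlock's actual validate_modified_targets.yml (whose contents the page does not reproduce); the workflow name, the commented weak pattern, and the validation script path are assumptions.

```yaml
# Hypothetical workflow (NOT the real validate_modified_targets.yml).
#
# Weak pattern this class of bug (CWE-78 in GitHub Actions) usually takes:
# pull_request_target runs in the base repository's context with a
# write-capable GITHUB_TOKEN, and a value the PR author controls is
# interpolated straight into a shell command with ${{ }}:
#
#   on: pull_request_target
#   jobs:
#     validate:
#       runs-on: ubuntu-latest
#       steps:
#         - run: echo "Validating ${{ github.event.pull_request.title }}"
#
# Hardened version of the same job:
name: validate-modified-targets

on:
  pull_request:            # fork PRs get a read-only token and no secrets

permissions:
  contents: read           # least privilege: no write scopes for this job

jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Validate modified targets
        env:
          # PR-controlled data reaches the shell only as an environment
          # variable; it is never expanded by ${{ }} inside `run:`.
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: |
          echo "Validating PR: $PR_TITLE"
          python scripts/validate_targets.py   # assumed script path
```

Switching the trigger to pull_request removes the write-capable token from fork-originated runs, the permissions block bounds what the token can do even if the job is later widened, and routing PR fields through env keeps the shell from ever seeing them as code. A quick check for a repository is to grep its workflows for pull_request_target and for ${{ github.event.* }} expressions appearing inside run: steps.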


Tracking


Advisories

No advisories yet.

History

Wed, 27 May 2026 20:15:00 +0000

Type | Values Removed | Values Added
Description | (none) | Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validate_modified_targets.yml is vulnerable to command injection via the pull_request_target trigger. Any GitHub user can execute arbitrary commands on the CI runner and exfiltrate the GITHUB_TOKEN by opening a pull request. No approval, review, or merge is required. This vulnerability is fixed in 0.16.1.
Title | (none) | Sherlock: Command Injection via pull_request_target in validate_modified_targets.yml
Weaknesses | (none) | CWE-78
References | (none) | (none)
Metrics | (none) | cvssV3_1: {'score': 9.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-27T19:23:01.638Z

Reserved: 2026-05-06T21:49:12.425Z

Link: CVE-2026-44590

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-27T20:16:37.293

Modified: 2026-05-27T20:16:37.293

Link: CVE-2026-44590

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T22:15:25Z

Weaknesses