Impact
Conda‑smithy is a build tool that combines a conda recipe with CI configuration into a single feedstock repository. Prior to version 3.61.0, the automated conda‑forge webservices used a user's GitHub username as the key for routing repository invitations. Because GitHub usernames can change, an attacker who takes control of another user's account, or who registers a new account under a username that the intended user has since given up, can cause the webservices to send a repository invitation to an unintended recipient, granting the attacker write access to the feedstock repository. The impact is a privilege escalation that may allow the attacker to modify or inject code or configuration in the feedstock, compromising the integrity of builds that use the repository.
Affected Systems
The vulnerability affects conda‑smithy, the conda‑forge feedstock repository tool, in versions 3.60.x and earlier. Users of conda‑smithy who rely on the conda‑forge automated webservices to create feedstock repositories, and therefore on GitHub usernames for invitation routing, are impacted. The issue is resolved in conda‑smithy v3.61.0 and later.
Risk and Exploitability
The CVSS score is 7.6, indicating a high-severity vulnerability. Because exploitation requires the attacker to control a GitHub account or to acquire a username that an intended recipient has given up, it is not trivially exploitable from the internet, and no EPSS score is available. Although the vulnerability is not listed in the CISA KEV catalog, administrators should consider it a potential attack vector for feedstock repositories hosted on conda‑forge. The attack would proceed by acquiring a GitHub username that matches an intended target, triggering the automated invitation flow, and then using the write permissions granted on the repository. Once write access is obtained, the attacker could modify packages or inject malicious code that would propagate through the conda ecosystem.
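The root cause described in the Impact and Risk sections above is keying an authorization decision on a mutable identifier (the GitHub login) instead of the stable numeric user id that the GitHub users API returns alongside it. The following is an added example, not conda‑smithy's own code and not taken from this advisory: it uses a constructed in-memory stand-in for the GitHub users API (no network calls) and hypothetical function names to show the weak login-keyed routing beside an id-pinned version that also flags logins whose owner has changed since they were pinned.

```python
"""Added example: invitation routing keyed by a mutable GitHub login
versus routing pinned to the stable numeric user id.

FakeGitHub is a constructed stand-in for the GitHub users API. Each
record carries the stable numeric `id` and the mutable `login` that a
real GET /users/{login} response would contain. Function names are
hypothetical and do not correspond to conda-smithy's code.
"""
from dataclasses import dataclass


@dataclass
class Account:
    id: int      # stable: never changes for the life of the account
    login: str   # mutable: users may rename, and freed logins can be re-registered


class FakeGitHub:
    """Constructed stand-in for the GitHub users API (offline)."""

    def __init__(self, accounts):
        self._by_id = {a.id: a for a in accounts}

    def lookup_login(self, login):
        """Like GET /users/{login}: whoever currently holds that login."""
        for acct in self._by_id.values():
            if acct.login == login:
                return acct
        return None

    def lookup_id(self, uid):
        """Like GET /user/{id}: resolves the same account regardless of renames."""
        return self._by_id.get(uid)

    def rename(self, uid, new_login):
        if self.lookup_login(new_login) is not None:
            raise ValueError("login already taken")
        self._by_id[uid].login = new_login

    def register(self, uid, login):
        if self.lookup_login(login) is not None:
            raise ValueError("login already taken")
        self._by_id[uid] = Account(uid, login)


# --- weak routing: the maintainer list stores only logins -------------------
def invite_by_login(gh, maintainer_logins):
    """Return the account ids that would be invited when routing by login.
    Whoever holds the login *at invitation time* receives write access."""
    targets = []
    for login in maintainer_logins:
        acct = gh.lookup_login(login)
        if acct is not None:
            targets.append(acct.id)
    return targets


# --- hardened routing: pin the numeric id when the maintainer is first added --
def pin_maintainers(gh, maintainer_logins):
    """Resolve each login to its stable id once, at the time the
    maintainer list is reviewed, and keep that mapping."""
    pinned = {}
    for login in maintainer_logins:
        acct = gh.lookup_login(login)
        if acct is None:
            raise LookupError(f"unknown GitHub user {login!r}")
        pinned[login] = acct.id
    return pinned


def invite_by_id(gh, pinned):
    """Invite by pinned id and report logins that no longer resolve to
    the pinned account. Returns (ids_to_invite, drifted_logins)."""
    targets, drifted = [], []
    for login, uid in pinned.items():
        acct = gh.lookup_id(uid)
        if acct is None:
            continue  # account deleted: nothing to invite
        if acct.login != login:
            drifted.append(login)  # login renamed or re-registered since pinning
        targets.append(uid)
    return targets, drifted


def scenario():
    """Constructed timeline: a maintainer renames, the old login is re-registered."""
    gh = FakeGitHub([Account(1001, "alice"), Account(1002, "bob")])
    maintainers = ["alice", "bob"]
    pinned = pin_maintainers(gh, maintainers)   # {"alice": 1001, "bob": 1002}

    gh.rename(1001, "alice-dev")                # alice frees the login "alice"
    gh.register(9999, "alice")                  # an unrelated account takes it

    weak = invite_by_login(gh, maintainers)     # [9999, 1002]: wrong account invited
    strong, drifted = invite_by_id(gh, pinned)  # ([1001, 1002], ["alice"])
    return weak, strong, drifted


if __name__ == "__main__":
    print(scenario())
```

The design point is that the pinned id is captured when a human reviews the maintainer list, so later invitations cannot be redirected by a rename; the `drifted` list gives operators a concrete signal to re-verify a maintainer entry rather than silently inviting whoever now holds the login.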
OpenCVE Enrichment