CVE 10 CRITICAL

CloudPirates Open Source Helm Charts: GitHub Actions workflow leaks PAT and SSH signing key via unsafe credential handling_CVE-2026-45132

June 1, 2026 invoker category_cve

10 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Description

CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token and SSH signing key) to fork-controlled code due to unsafe checkout and credential handling practices. This issue has been patched via commit fcf9302.

AI Analysis

Exposure of sensitive credentials due to unsafe checkout and credential handling practices in GitHub Actions workflow

Basic Information

ID CVE-2026-45132

Source GitHub_M

Published Jun 1, 2026 at 16:13

Affected Product

Vendor CloudPirates-io

Product helm-charts

Version < fcf930211604652aec15085895b6457bc8b73b54

Affected Versions CloudPirates-io helm-charts < fcf930211604652aec15085895b6457bc8b73b54

CWE Classification

CWE-94

AI Assessment

AI Score 10 / 10

AI Severity Critical

Vendor CloudPirates-io

Product helm-charts

Version < fcf930211604652aec15085895b6457bc8b73b54

References

{
    "lastseen": "",
    "description": "CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token and SSH signing key) to fork-controlled code due to unsafe checkout and credential handling practices. This issue has been patched via commit fcf9302.",
    "published": "2026-06-01T16:13:37.215Z",
    "modified": "2026-06-01T16:13:37.215Z",
    "type": "cve",
    "title": "CloudPirates Open Source Helm Charts: GitHub Actions workflow leaks PAT and SSH signing key via unsafe credential handling",
    "source": "GitHub_M",
    "references": "https://github.com/CloudPirates-io/helm-charts/security/advisories/GHSA-r874-j8fr-x2pj\nhttps://github.com/CloudPirates-io/helm-charts/commit/fcf930211604652aec15085895b6457bc8b73b54",
    "id": "CVE-2026-45132",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "CloudPirates-io helm-charts < fcf930211604652aec15085895b6457bc8b73b54",
    "sourceHref": "",
    "cvss": {
        "score": 10,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "helm-charts",
    "version": "< fcf930211604652aec15085895b6457bc8b73b54",
    "vendor": "CloudPirates-io",
    "ai_description": "Exposure of sensitive credentials due to unsafe checkout and credential handling practices in GitHub Actions workflow",
    "ai_severity": "Critical",
    "ai_vendor": "CloudPirates-io",
    "ai_product": "helm-charts",
    "ai_version": "< fcf930211604652aec15085895b6457bc8b73b54",
    "ai_score": 10
}

💭 Join the Security Discussion ❌ Cancel Reply