Vulnerability Description
OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the `pull_request_target` event while checking out and executing untrusted code from forked pull requests. These workflows run with the security context of the base repository, including a write-privileged `GITHUB_TOKEN` and numerous sensitive secrets (API keys, database/vector store tokens, and a Google Cloud service account key). Version 1.37.1 contains a fix.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openlit | Openlit Software Development Kit | >= 1.36.2, < 1.37.1 |
Related Weaknesses (CWE)
References
- https://github.com/openlit/openlit/commit/4a62039a1659d6cbb8913172693f587b5fc254Patch
- https://github.com/openlit/openlit/security/advisories/GHSA-9jgv-x8cq-296qExploitMitigationVendor Advisory
FAQ
What is CVE-2026-27941?
CVE-2026-27941 is a vulnerability with a CVSS score of 9.9 (CRITICAL). OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the `pull_request_target` event while checking out a...
How severe is CVE-2026-27941?
CVE-2026-27941 has been rated CRITICAL with a CVSS base score of 9.9/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-27941?
Check the references section above for vendor advisories and patch information. Affected products include: Openlit Openlit Software Development Kit.