CVE-2026-27941: OpenLIT RCE — Critical — Patch Now

Overview

A critical security vulnerability has been identified in the OpenLIT open-source platform for AI engineering. This flaw, present in versions prior to 1.37.1, could allow a malicious actor to gain unauthorized access to sensitive systems and data through the project’s GitHub repository.

Vulnerability Explained

In simple terms, the vulnerability exists in the automated workflows (GitHub Actions) that run when an external contributor submits a code change. These workflows were configured to automatically trust and execute code from these external submissions while granting it high-level permissions. This is akin to giving a stranger a master key to your office and letting them run any program they want on your company computer.

Specifically, the workflows used the pull_request_target event. When code from an untrusted fork was processed, it ran with the full access privileges of the main OpenLIT repository. This included a powerful GITHUB_TOKEN with write permissions and access to numerous embedded secrets like API keys, database credentials, and cloud service account keys.

Potential Impact

The impact of this vulnerability is severe. A malicious actor could exploit it by submitting a specially crafted pull request to the OpenLIT GitHub repository. If successful, the attack could lead to:

• Secret Theft: Compromise of all sensitive API keys, database tokens, and the Google Cloud service account key stored in the repository.
• Repository Takeover: Unauthorized modification, deletion, or injection of malicious code directly into the OpenLIT source code.
• Supply Chain Attack: Use of the compromised repository to distribute tampered software to downstream users.
• Financial Loss: Unauthorized use of cloud resources linked to the stolen credentials.

Remediation and Mitigation

Immediate action is required for anyone using or contributing to OpenLIT.

1. Upgrade Immediately: The primary fix is to upgrade OpenLIT to version 1.37.1 or later. This version corrects the insecure workflow configurations.

2. Rotate All Exposed Secrets: If you are a maintainer of the OpenLIT repository, you must treat all secrets present in the repository prior to the fix as compromised. Rotate them immediately. This includes:

   • All API keys and tokens.
   • Database and vector store credentials.
   • The Google Cloud service account key.
   • Any other passwords or access tokens stored in the repository secrets, variables, or within code.

3. Review Repository Activity: Maintainers should audit repository logs for any suspicious commits, workflow runs, or issues created around the time of any pull requests from unknown contributors.

4. General Best Practice: For IT professionals managing GitHub Actions, always audit workflows that use pull_request_target. Ensure they do not checkout and run code from the untrusted fork. Use the more restrictive pull_request event whenever possible, and explicitly design workflows to avoid trusting uncontrolled code with privileged access.