Wenxian GitHub Actions RCE (CVE-2026-34243)
CVE-2026-34243
wenxian is a tool to generate BIBTEX files from given identifiers (DOI, PMID, arXiv ID, or paper title). In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issue_com...
Overview
A critical security vulnerability, CVE-2026-34243, has been identified in the wenxian tool, a utility for generating BIBTEX files from identifiers like DOI or arXiv IDs. The flaw is not in the tool's own code but in the project's GitHub Actions workflow, and it allows remote code execution (RCE) on the workflow's runner by anyone who can post an issue comment, with no privileges on the repository required.
Vulnerability Details
In wenxian versions 0.3.1 and prior, a GitHub Actions workflow processes user input from GitHub issue comments. The comment text, taken from the issue_comment event (the github.event.comment.body context), is interpolated directly into a shell command in the workflow. In GitHub Actions, ${{ }} expressions are substituted as plain text into the run script before the shell parses it, so quoting inside the script does not contain the value. An attacker who posts a comment containing shell metacharacters (such as ;, &, |, or backticks) therefore breaks out of the intended command and executes arbitrary code on the GitHub Actions runner.
The attack vector is network-based, requires no privileges on the repository, and needs no user interaction beyond posting a comment, making it trivial to exploit.
Impact
The impact of this vulnerability is severe. A successful exploit grants an attacker the ability to run any command with the permissions of the GitHub Actions runner. This could lead to:
- Theft of repository secrets (like API keys or deployment tokens).
- Corruption or deletion of source code.
- Use of the runner as a pivot point for further attacks within the organization’s network.
- Deployment of malicious code into the project itself, potentially compromising downstream users, similar to the software supply chain risks seen in incidents like the GlassWorm attack.
Remediation and Mitigation
As of publication, there is no official patch from the project maintainers. Users and organizations leveraging wenxian must take immediate action.
- Disable the Workflow: The most effective mitigation is to immediately disable the affected GitHub Actions workflow in the wenxian repository and in any fork or internal copy that has Actions enabled. If the workflow must keep running, the standard GitHub hardening guidance applies: pass the comment body to the step through an env: variable and reference it from the script as "$VARIABLE", rather than interpolating ${{ github.event.comment.body }} into the run: script.
- Monitor for Updates: Watch the official wenxian repository for a security fix and apply it as soon as it is released.
- Audit Logs: Review GitHub Actions run logs for the workflow, in particular runs triggered by issue comments from unfamiliar accounts, and look for unexpected commands in the step output.
- Rotate Secrets: Treat any repository or organization secret exposed to the workflow as potentially compromised and rotate it. The automatically issued GITHUB_TOKEN expires with the job, but long-lived tokens (PyPI, deployment or cloud credentials) do not.
Until a fix is released, the workflow should be considered unsafe wherever it runs; installing the wenxian package itself does not execute this workflow, so the exposure lies with the repositories that host it.
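The two things a practitioner wants to see for this bug class are why the injection works even when the script quotes the value, and how to find the pattern in a repository's workflows before an attacker does. The following Python scanner is an added example and is not code from the wenxian project or its advisory; the workflow files it scans are constructed here to mirror the pattern the advisory describes, the list of untrusted contexts is our selection from GitHub's "Security hardening for GitHub Actions" guide, and render_run_script is a simplified model of the runner's expression substitution that only resolves github.event.* lookups.

```python
"""Scan GitHub Actions workflows for untrusted ${{ }} expressions in run: scripts.

Added example (not wenxian project code). Line-based, no YAML library needed.
"""
import re

# Attacker-controlled expression contexts (prefix match). Selection is ours,
# drawn from GitHub's "Security hardening for GitHub Actions" guide.
UNTRUSTED_PREFIXES = (
    "github.event.comment.body",
    "github.event.issue.title",
    "github.event.issue.body",
    "github.event.pull_request.title",
    "github.event.pull_request.body",
    "github.event.pull_request.head.ref",
    "github.event.pull_request.head.label",
    "github.event.review.body",
    "github.event.review_comment.body",
    "github.event.head_commit.message",
    "github.event.head_commit.author",
    "github.event.commits",
    "github.event.pages",
    "github.head_ref",
)

EXPR_RE = re.compile(r"\$\{\{(.*?)\}\}")
# group(1) is everything before "run", so its length is the column of the key.
RUN_RE = re.compile(r"^(\s*(?:-\s+)?)run:\s*(.*)$")
BLOCK_SCALARS = {"|", "|-", "|+", ">", ">-", ">+"}


def _indent(line):
    return len(line) - len(line.lstrip(" "))


def untrusted_refs(expression):
    """Untrusted context names referenced inside one ${{ }} expression."""
    return [p for p in UNTRUSTED_PREFIXES if p in expression]


def find_script_injections(workflow_text):
    """Return [(line_number, expression)] for every untrusted expression that is
    interpolated into a run: script. Expressions in env: or with: are not flagged:
    there the value is passed as data, not spliced into the script text."""
    lines = workflow_text.splitlines()
    findings = []
    i = 0
    while i < len(lines):
        m = RUN_RE.match(lines[i])
        if not m:
            i += 1
            continue
        key_col = len(m.group(1))
        body = [(i, m.group(2))]
        j = i + 1
        if m.group(2).strip() in BLOCK_SCALARS:
            # Block scalar: following lines indented deeper than the key (or
            # blank) belong to the script; the next key or step ends it.
            while j < len(lines) and (not lines[j].strip() or _indent(lines[j]) > key_col):
                body.append((j, lines[j]))
                j += 1
        for lineno, text in body:
            for expr in EXPR_RE.findall(text):
                if untrusted_refs(expr):
                    findings.append((lineno + 1, expr.strip()))
        i = j
    return findings


def render_run_script(script_template, event):
    """Model of the runner: ${{ }} is replaced textually BEFORE the shell parses
    the script, so quotes in the template cannot contain the substituted value.
    Simplified: resolves only dotted github.event.* lookups."""
    root = {"github": {"event": event}}

    def lookup(m):
        node = root
        for part in m.group(1).strip().split("."):
            node = node[part]
        return str(node)

    return EXPR_RE.sub(lookup, script_template)


# Constructed sample: the vulnerable pattern (value spliced into the script).
VULNERABLE_WORKFLOW = """\
name: issue-comment-bot
on:
  issue_comment:
    types: [created]
jobs:
  handle:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Process the comment
        run: |
          echo "Got: ${{ github.event.comment.body }}"
          printf '%s\\n' "${{ github.event.comment.body }}" > comment.txt
"""

# Constructed sample: the hardened form (value passed through env, read as "$VAR").
HARDENED_WORKFLOW = """\
name: issue-comment-bot
on:
  issue_comment:
    types: [created]
jobs:
  handle:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Process the comment
        env:
          COMMENT_BODY: ${{ github.event.comment.body }}
        run: |
          echo "Got: $COMMENT_BODY"
          printf '%s\\n' "$COMMENT_BODY" > comment.txt
"""


def demo_render():
    """Constructed, benign comment body showing how the quotes are escaped from."""
    template = 'echo "Got: ${{ github.event.comment.body }}"'
    return render_run_script(template, {"comment": {"body": '"; id; echo "'}})


if __name__ == "__main__":
    print("vulnerable:", find_script_injections(VULNERABLE_WORKFLOW))
    print("hardened:  ", find_script_injections(HARDENED_WORKFLOW))
    print("rendered:  ", demo_render())
```

Run against a checkout, the scanner would be pointed at each file under .github/workflows; here it reports lines 12 and 13 of the constructed vulnerable workflow and nothing for the hardened one, and demo_render shows the script the shell would actually receive: three commands instead of one, because the substituted text closed the double quote.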
Security Insight
This vulnerability underscores the persistent risk of injecting untrusted user input into CI/CD contexts, a flaw pattern that turns automation tools into potent attack vectors. It mirrors the critical weakness in many early software supply chain attacks, where build systems were compromised not through complex exploits, but through simple failure to sanitize basic user-controlled data. The absence of a patch at disclosure highlights the security challenges faced by smaller open-source tooling, where maintainer response time can lag significantly behind the discovery of high-severity flaws.