CVE-2025-15617

Source
https://cve.org/CVERecord?id=CVE-2025-15617
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15617.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-15617
Aliases
  • GHSA-6xqr-4q5g-xc7x
Published
2026-03-27T18:04:13.691Z
Modified
2026-07-08T06:51:28.304570430Z
Severity
  • 8.3 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N CVSS Calculator
Summary
Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials
Details

Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commits or altering release tags.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/15xxx/CVE-2025-15617.json",
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
        "CWE-522"
    ]
}
References

Affected packages

Git / github.com/wazuh/wazuh

Affected ranges

Type
GIT
Repo
https://github.com/wazuh/wazuh
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_STRING"
    ],
    "cpe": "cpe:2.3:a:wazuh:wazuh:4.12.0:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "4.12.0"
        },
        {
            "last_affected": "4.12.0"
        }
    ]
}

Affected versions

4.*
4.12.0
v4.*
v4.12.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15617.json"