PYSEC-2026-1966

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/text-generation/PYSEC-2026-1966.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-1966
Aliases
Published
2026-07-07T11:45:44.234760Z
Modified
2026-07-07T17:48:05.289880784Z
Severity
  • 4.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
code injection vulnerability exists in the huggingface/text-generation-inference repository
Details

A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the autodocs.yml workflow file. The vulnerability arises from the insecure handling of the github.head_ref user input, which is used to dynamically construct a command for installing a software package. An attacker can exploit this by forking the repository, creating a branch with a malicious payload as the name, and then opening a pull request to the base repository. Successful exploitation could lead to arbitrary code execution within the context of the GitHub Actions runner. This issue affects versions up to and including v2.0.0 and was fixed in version 2.0.0.

References

Affected packages

PyPI / text-generation

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.0

Affected versions

0.*
0.1.0
0.2.0
0.2.1
0.3.0
0.3.1
0.4.0
0.4.1
0.5.0
0.5.1
0.5.2
0.6.0
0.6.1
0.7.0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/text-generation/PYSEC-2026-1966.yaml"