CVE-2025-54594 | callstackincubator react-native-bottom-tabs up to 0.9.2 release-canary.yml privileges management (GHSA-588g-38p4-gr6x)

A vulnerability, which was classified as critical, has been found in callstackincubator react-native-bottom-tabs up to 0.9.2. Affected by this issue is some unknown functionality of the file github/workflows/release-canary.yml. The manipulation leads to improper privilege management.

This vulnerability is handled as CVE-2025-54594. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More