CVE-2026-40903 | patrickhener goshs up to 2.0.0-beta.5 GITHUB_TOKEN inclusion of functionality from untrusted control sphere

A vulnerability has been found in patrickhener goshs up to 2.0.0-beta.5 and classified as critical. This issue affects some unknown processing. The manipulation of the argument GITHUB_TOKEN leads to inclusion of functionality from untrusted control sphere.

This vulnerability is documented as CVE-2026-40903. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More