CVE-2026-42298 | gitroomhq postiz-app pr-docker-build.yml code injection (GHSA-v975-9h5p-xhm4)

A vulnerability, which was classified as critical, was found in gitroomhq postiz-app. This affects an unknown function of the file .github/workflows/pr-docker-build.yml. Executing a manipulation can lead to code injection.

This vulnerability is tracked as CVE-2026-42298. The attack can be launched remotely. No exploit exists.

Applying a patch is advised to resolve this issue.VulDB Recent EntriesRead More