CVE-2026-47174 | duck-organization duck-site up to 1.0.0 Pull Request inclusion of functionality from untrusted control sphere (GHSA-qj93-7xrg-rvhw)

A vulnerability, which was classified as critical, has been found in duck-organization duck-site up to 1.0.0. This affects an unknown part of the component Pull Request Handler. The manipulation leads to inclusion of functionality from untrusted control sphere.

This vulnerability is uniquely identified as CVE-2026-47174. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More