CVE-2026-42298 Overview
Postiz is an AI-powered social media scheduling tool maintained by gitroomhq. CVE-2026-42298 is a Pwn Request vulnerability in the Build and Publish PR Docker Image workflow located at .github/workflows/pr-docker-build.yml. The flaw allows unauthenticated attackers to execute arbitrary code during the Docker build process by opening a pull request from a fork with a maliciously modified Dockerfile.dev. Successful exploitation exfiltrates a GITHUB_TOKEN with write-all permissions, granting full control over the repository. The issue was patched in commit da44801. The vulnerability is classified under CWE-94: Improper Control of Generation of Code.
Critical Impact
An unauthenticated attacker can obtain a highly privileged GITHUB_TOKEN with write-all permissions and execute arbitrary code in the repository's CI/CD pipeline, leading to full repository compromise and supply chain attacks.
Affected Products
- Postiz (gitroomhq/postiz-app) prior to commit da44801
- Repositories using the vulnerable .github/workflows/pr-docker-build.yml workflow
- Downstream Docker images built from the affected workflow
Discovery Timeline
- 2026-05-08 - CVE-2026-42298 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-42298
Vulnerability Analysis
The vulnerability falls into the well-known Pwn Request category of GitHub Actions misconfigurations. The Postiz workflow pr-docker-build.yml checks out untrusted code from a forked pull request and then executes it within a privileged CI context. Because Docker build steps invoke arbitrary instructions defined in Dockerfile.dev, an attacker who controls that file in a fork can run commands of their choosing on the runner. The runner has access to a GITHUB_TOKEN provisioned with write-all permissions, which the attacker can read from the environment and exfiltrate to an external endpoint. Once exfiltrated, the token enables actions such as pushing malicious commits, publishing tampered Docker images, modifying releases, or backdooring the codebase, resulting in a supply chain compromise.
Root Cause
The root cause is improper trust of untrusted pull request content combined with elevated workflow permissions. The workflow triggers on pull requests from forks but grants write-all permissions and executes attacker-controlled build files. This violates the principle of least privilege and the GitHub Actions guidance to never run untrusted code under the pull_request_target trigger or with elevated tokens.
Attack Vector
Exploitation requires only the ability to open a pull request against the Postiz repository, which any unauthenticated GitHub user can do. The attacker forks the repository, modifies Dockerfile.dev to include malicious RUN directives that read environment variables and exfiltrate the GITHUB_TOKEN, and submits the pull request. When the vulnerable workflow runs, the malicious Dockerfile instructions execute on the GitHub-hosted runner with full token privileges. Technical details and the fix are documented in the GitHub Security Advisory GHSA-v975-9h5p-xhm4 and the remediation commit da44801.
Detection Methods for CVE-2026-42298
Indicators of Compromise
- Pull requests from forks that modify Dockerfile.dev, Dockerfile, or other build-context files referenced by the workflow.
- Unexpected outbound network connections from GitHub Actions runners during Docker build steps.
- Anomalous Git operations, releases, or package pushes performed by the github-actions[bot] identity outside of normal maintainer activity.
Detection Strategies
- Audit GitHub Actions workflow run logs for executions of pr-docker-build.yml originating from forked pull requests prior to applying commit da44801.
- Review repository audit logs for token usage events, branch protection changes, and unexpected workflow modifications.
- Inspect commits and tags signed or pushed by automation accounts for content that does not correspond to a maintainer-approved pull request.
Monitoring Recommendations
- Enable GitHub branch protection and require approval for workflow runs on pull requests from first-time contributors.
- Forward GitHub audit and Actions logs to a centralized SIEM and alert on workflow file changes and token-permission escalations.
- Continuously scan repository workflows for pull_request_target triggers combined with checkout of PR head refs.
How to Mitigate CVE-2026-42298
Immediate Actions Required
- Update the Postiz repository to a build that includes commit da44801 or later.
- Rotate any GITHUB_TOKEN-derived secrets, deploy keys, and registry credentials that may have been exposed via the vulnerable workflow.
- Review recent pull requests and workflow runs for evidence of exploitation, and revert any unauthorized changes to code, releases, or container images.
Patch Information
The maintainers fixed the vulnerability in commit da448012dd87e94944cbe83a38e7fd023269ec46. The patch removes the unsafe execution of untrusted pull request content during Docker builds. Detailed remediation guidance is published in the GitHub Security Advisory GHSA-v975-9h5p-xhm4.
Workarounds
- Disable or remove .github/workflows/pr-docker-build.yml until the patched commit is applied.
- Restrict workflow permissions to contents: read and avoid write-all tokens on pull request triggers.
- Require maintainer approval before running workflows on pull requests from forks via the repository Actions settings.
# Configuration example: enforce least-privilege token and require approval
# In .github/workflows/pr-docker-build.yml
permissions:
contents: read
on:
pull_request:
branches: [ main ]
# Repository settings -> Actions -> General:
# Fork pull request workflows from outside collaborators:
# "Require approval for all outside collaborators"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
