CVE-2026-40903 - Goshs - ArtiPACKED Vulnerability – GitHub Actions Credential Persistence
CVE ID :CVE-2026-40903 Published : April 21, 2026, 7:43 p.m. | 23 minutes ago Description :goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUB_TOKEN through workflow artifacts, even though the tok
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Lazarus Lures Developers With Backdoored Coding Tests
- [CYBER] Recent Microsoft Defender Vulnerability Exploited as Zero-Day
- [CYBER] Microsoft Graph API misused by new GoGra Linux malware for hidden communication
- [CYBER] Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
- [CYBER] Any Chance Something Happened?
- [CYBER] Fake Wallpaper App, YouTube Channel Used to Spread notnullOSX Malware