CVE-2025-30066
tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability - [Actively Exploited]
Description
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)
INFO
- Published Date: March 15, 2025, 6:15 a.m.
- Last Modified: Nov. 5, 2025, 7:27 p.m.
- Remotely Exploitable: Yes
- Source: [email protected]
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
tj-actions/changed-files GitHub Action contains an embedded malicious code vulnerability that allows a remote attacker to discover secrets by reading Github Actions Workflow Logs. These secrets may include, but are not limited to, valid AWS access keys, GitHub personal access tokens (PATs), npm tokens, and private RSA keys.
Apply mitigations as set forth in the CISA instructions linked below. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Unknown
This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: CISA Mitigation Instructions: https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-tj-actionschanged-files-cve-2025-30066-and-reviewdogaction ; Additional References: https://github.com/tj-actions/changed-files/blob/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73/README.md?plain=1#L20-L28 ; https://nvd.nist.gov/vuln/detail/CVE-2025-30066
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| | CVSS 3.1 | HIGH | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | | | [email protected] |
| | CVSS 3.1 | HIGH | | | | [email protected] |
Solution
- Update tj-actions to a version later than v45.0.7.
- Review logs for any signs of compromise.
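The description above explains that the attack did not change any released version; it moved the existing tags v1 through v45.0.7 so that they resolved to a malicious commit (0e58ed8). A workflow that references the action by a movable tag therefore picks up whatever that tag points at on the day it runs, while a reference pinned to a full 40-character commit SHA cannot be retargeted. The following Python script is an added example, not code from this advisory or from the tj-actions project: it scans a workflow file for `uses: tj-actions/changed-files@<ref>` steps and classifies each ref as a pinned SHA, a tag in the affected range (major version below 46, per the description), a later tag, or another movable ref. The sample workflow and the 40-character SHA (the short hash from the description padded with a constructed suffix) are constructed for the demonstration.

```python
import re
import sys
from typing import List, Tuple

# Short hash of the commit the hijacked tags pointed at, as given in the CVE
# description. A full SHA that starts with it is the compromised revision.
MALICIOUS_COMMIT_PREFIX = "0e58ed8"
# The CVE description says "tj-actions changed-files before 46" is affected.
FIRST_SAFE_MAJOR = 46
# Classifications that should fail the audit outright.
BLOCKING = {"malicious-commit", "mutable-tag-affected"}

# One `uses:` step referencing the action. The ref ends at whitespace, a
# closing quote, or a trailing YAML comment.
USES_RE = re.compile(
    r'^[ \t]*-?[ \t]*uses:[ \t]*["\']?tj-actions/changed-files@([^\s"\'#]+)',
    re.MULTILINE,
)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
VERSION_TAG_RE = re.compile(r"^v?(\d+)(?:\.\d+)*$")


def classify_ref(ref: str) -> str:
    """Classify the <ref> part of tj-actions/changed-files@<ref>."""
    if FULL_SHA_RE.match(ref):
        # A full commit SHA is immutable: a threat actor cannot retarget it
        # the way the v1..v45.0.7 tags were retargeted.
        if ref.startswith(MALICIOUS_COMMIT_PREFIX):
            return "malicious-commit"
        return "pinned-sha"
    m = VERSION_TAG_RE.match(ref)
    if m:
        if int(m.group(1)) < FIRST_SAFE_MAJOR:
            return "mutable-tag-affected"
        return "mutable-tag"  # later than v45.0.7, but still a movable tag
    return "mutable-ref"  # branch name or other movable ref


def audit_workflow(yaml_text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, ref, classification) for every matching step."""
    findings = []
    for m in USES_RE.finditer(yaml_text):
        line_no = yaml_text.count("\n", 0, m.start()) + 1
        ref = m.group(1)
        findings.append((line_no, ref, classify_ref(ref)))
    return findings


def blocking_findings(findings):
    """Subset of findings that should block the pipeline."""
    return [f for f in findings if f[2] in BLOCKING]


# Constructed sample workflow. The 40-character SHA is made up by extending the
# short hash from the advisory so the malicious-commit branch runs offline.
CONSTRUCTED_SHA = MALICIOUS_COMMIT_PREFIX + "a" * 33
SAMPLE_WORKFLOW = f"""\
name: ci
on: [pull_request]
jobs:
  changes:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45.0.7
      - uses: tj-actions/changed-files@v46
      - uses: "tj-actions/changed-files@{CONSTRUCTED_SHA}" # constructed
      - uses: tj-actions/changed-files@main
"""

if __name__ == "__main__":
    # Usage: python audit.py .github/workflows/ci.yml (defaults to the sample)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_WORKFLOW
    results = audit_workflow(text)
    for line_no, ref, status in results:
        print(f"line {line_no}: tj-actions/changed-files@{ref} -> {status}")
    sys.exit(1 if blocking_findings(results) else 0)
```

Run against the sample, the script reports the v45.0.7 tag and the constructed 0e58ed8 SHA as blocking, the v46 tag as a movable reference outside the affected range, and the `main` branch as a movable ref. The exit status makes it usable as a CI gate; the same classification can be applied to the log review suggested above by checking which ref each past job actually resolved.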
Public PoC/Exploit Available at Github
CVE-2025-30066 has 51 public PoC/exploit repositories available on GitHub.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-30066.
CWE - Common Weakness Enumeration
While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-30066 is associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
CAPEC stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-30066 weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proof-of-concepts that have been published on GitHub (sorted by most recently updated).
Lockfile-first scanner for compromised npm/PyPI/Maven/Cargo/Go/RubyGems packages — OSV + curated extras feed, SLSA L3, locked-container CI
cargo cli dependency-scanner devsecops go lockfile maven npm osv pypi python rubygems sarif sca security sigstore slsa supply-chain supply-chain-security vulnerability-scanner
Makefile Python Shell
Tag-drift monitor for public artifact registries — detects tag-poisoning supply-chain attacks across OCI, GitHub refs, npm, and generic URL+checksum targets
Dockerfile Python
Find vulnerabilities. Ship secure. — Senior security-engineer skill for AI coding agents. OWASP Top 10, CWE Top 25, secrets detection, IaC + CI hardening, and a read-only auditor subagent. MIT.
ai-agents appsec bridgemind claude-code claude-code-skill code-review cwe owasp plugin secrets-detection security skill vibe-coding vulnerability-detection
Shell
None
JavaScript TypeScript CSS
purplegate — Red/blue-team CI gate for agentic-AI apps. Prompt-injection, secrets, SAST, deps, IaC/RLS, workflow injection, MCP checks. One signed GitHub Action, mapped to OWASP LLM Top 10 v2025 + MITRE ATLAS.
agentic-ai ai-security ci-cd devsecops github-action llm-security mitre-atlas owasp owasp-llm-top-10 prompt-injection prompt-injection-detection sa sarif security supply-chain-security
Dockerfile Python
Deliberately vulnerable test targets for AutonAgent scanning — Node.js, Python, Go
macOS vulnerability check script - detects 23 recent supply chain attacks and CVEs (Jan-Apr 2026)
Shell
None
JavaScript TypeScript CSS
Expert CI/CD pipeline architect, reviewer, optimizer, debugger, and security auditor. Claude Code plugin with embedded knowledge base.
None
Python
CI/CD Security Posture Scanner
cicd security-tools iac security opensource
Makefile Python Shell HCL Dockerfile CSS
A curated timeline of real AI agent security incidents, breaches, and vulnerabilities (2024-2026). Every entry sourced and dated.
ai-agent-security ai-agents ai-security awesome-list cybersecurity llm-security mcp-security prompt-injection supply-chain-security adversarial-attacks agent-security agentic-ai ai-attacks ai-safety cve incident-response owasp red-team security-research vulnerability
Offensive GitHub Actions attack surface analyzer : scan any repo for CI/CD vulnerabilities, pwn requests, supply chain risks, and secret leaks. Powered by 20 detection rules with CVSS scoring and OWASP CI/CD Top 10 mapping.
cicd-security cvss github-actions owasp security serif static-analysis workflow-security
HTML JavaScript CSS
None
Shell JavaScript
The Tracebit Community GitHub Action helps developers detect intrusions and supply-chain attacks across their GitHub workflows and pipelines by deploying canary credentials.
actions canaries deception security typescript canary-tokens honeypots
Shell TypeScript
Results are limited to the first 15 repositories due to potential performance issues.
The following list contains news articles that mention the CVE-2025-30066 vulnerability anywhere in the article.
- The Cyber Express: Axios Supply Chain Attack Exposes Developers to Hidden Malware
  The Axios supply chain attack that surfaced on March 31, 2026, has raised serious concerns across the JavaScript ecosystem, exposing how a compromised npm Account can be leveraged to distribute malwar ...
- The Cyber Express: Hackers Exploit React2Shell Vulnerability to Deploy Miners and Botnets Worldwide
  Threat actors have been actively exploiting a critical vulnerability in React Server Components, tracked as CVE-2025-55182 and commonly referred to as React2Shell, to compromise systems across multipl ...
- Daily CyberSecurity: “Repo Squatting”: How Hackers Are Using GitHub’s Own Features to Hijack Official Repos
  In a clever twist on software supply chain attacks, threat actors are weaponizing a quirk in GitHub’s architecture to distribute malware that appears to come from trusted, official sources. A new repo ...
- The Cyber Express: Critical Net-SNMP Flaw CVE-2025-68615 Allows Remote Buffer Overflow and Service Crashes
  A newly disclosed security issue in the Net-SNMP software suite has raised serious concerns for organizations that rely on the protocol to monitor and manage network infrastructure. The vulnerability, ...
- Daily CyberSecurity: The Developer Win: GitHub Postpones Self-Hosted Runner Fee After Massive Community Outcry
  Recently, the code hosting platform GitHub published a blog post announcing that, starting March 1, 2026, GitHub Actions would begin charging an additional platform fee. Under the proposed change, dev ...
- Daily CyberSecurity: Self-Hosting No Longer Free: GitHub Introduces New $0.002/Min Platform Fee for Actions
  Microsoft-owned code hosting platform GitHub has announced a new pricing change for its Actions service. Previously, GitHub Actions offered a free control plane: as long as workflows ran on servers no ...
- BleepingComputer: The hidden risks in your DevOps stack data—and how to address them
  While DevOps drives innovation and simplifies collaboration, it also comes with its own set of risks and vulnerabilities. Developers rely on Git-based platforms like GitHub, Azure DevOps, Bitbucket, o ...
- Daily CyberSecurity: GitHub Adds Sign in with Apple for Seamless Login and Anonymous Email Protection
  The code-hosting platform GitHub recently introduced Google account sign-in, allowing users to log in swiftly using their Google credentials. This feature is particularly convenient for Chrome users, ...
- Daily CyberSecurity: GitHub CEO Resigns as Microsoft Integrates the Platform into Its CoreAI Division
  In 2018, Microsoft successfully acquired the code hosting platform GitHub for $7.5 billion. At the time, rumors suggested that Google was also preparing a bid, but ultimately Microsoft secured the dea ...
- Daily CyberSecurity: GitHub Hit by Widespread Outage: Core Services Disrupted Globally
  Microsoft-owned code hosting platform GitHub began experiencing a widespread service outage on July 28, 2025, at 16:50 UTC. The disruption has affected multiple core functionalities, including but not ...
- Google Online Security Blog: Introducing OSS Rebuild: Open Source, Rebuilt to Last
  Today we're excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-us ...
The following table lists the changes that have been made to the CVE-2025-30066 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- Modified Analysis by [email protected] (Nov. 05, 2025)
  - Added Reference Type: CISA-ADP: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-30066 (Types: US Government Resource)
- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Oct. 21, 2025)
  - Added Reference: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-30066
- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Oct. 21, 2025)
  - Removed Reference: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-30066
- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Oct. 21, 2025)
  - Added Reference: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-30066
- CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725 (Mar. 29, 2025)
  - Changed Required Action. Old value: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable." New value: "Apply mitigations as set forth in the CISA instructions linked below. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."
- Initial Analysis by [email protected] (Mar. 19, 2025)
  - Added CVSS V3.1: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  - Added CWE: NVD-CWE-Other
  - Added CPE Configuration: OR *cpe:2.3:a:tj-actions:changed-files:*:*:*:*:*:*:*:* versions up to (including) 45.0.7
  - Added Reference Type MITRE: https://blog.gitguardian.com/compromised-tj-actions/ (Types: Exploit, Third Party Advisory)
  - Added Reference Type MITRE: https://github.com/chains-project/maven-lockfile/pull/1111 (Types: Issue Tracking)
  - Added Reference Type MITRE: https://github.com/espressif/arduino-esp32/issues/11127 (Types: Issue Tracking)
  - Added Reference Type MITRE: https://github.com/github/docs/blob/962a1c8dccb8c0f66548b324e5b921b5e4fbc3d6/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md?plain=1#L191-L193 (Types: Product)
  - Added Reference Type MITRE: https://github.com/modal-labs/modal-examples/issues/1100 (Types: Issue Tracking)
  - Added Reference Type MITRE: https://github.com/rackerlabs/genestack/pull/903 (Types: Issue Tracking)
  - Added Reference Type MITRE: https://github.com/tj-actions/changed-files/blob/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73/README.md?plain=1#L20-L28 (Types: Product)
  - Added Reference Type MITRE: https://github.com/tj-actions/changed-files/issues/2463 (Types: Issue Tracking)
  - Added Reference Type MITRE: https://github.com/tj-actions/changed-files/issues/2464 (Types: Issue Tracking)
  - Added Reference Type MITRE: https://github.com/tj-actions/changed-files/issues/2477 (Types: Issue Tracking)
  - Added Reference Type MITRE: https://news.ycombinator.com/item?id=43367987 (Types: Issue Tracking, Third Party Advisory)
  - Added Reference Type MITRE: https://news.ycombinator.com/item?id=43368870 (Types: Issue Tracking, Third Party Advisory)
  - Added Reference Type MITRE: https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/ (Types: Third Party Advisory)
  - Added Reference Type MITRE: https://sysdig.com/blog/detecting-and-mitigating-the-tj-actions-changed-files-supply-chain-attack-cve-2025-30066/ (Types: Mitigation, Third Party Advisory)
  - Added Reference Type MITRE: https://web.archive.org/web/20250315060250/https://github.com/tj-actions/changed-files/issues/2463 (Types: Issue Tracking)
  - Added Reference Type CVE: https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-github-action-cve-2025-30066 (Types: Third Party Advisory, US Government Resource)
  - Added Reference Type MITRE: https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised (Types: Exploit, Mitigation, Third Party Advisory)
  - Added Reference Type MITRE: https://www.stream.security/post/github-action-supply-chain-attack-exposes-secrets-what-you-need-to-know-and-how-to-respond (Types: Third Party Advisory)
  - Added Reference Type MITRE: https://www.sweet.security/blog/cve-2025-30066-tj-actions-supply-chain-attack (Types: Third Party Advisory)
  - Added Reference Type MITRE: https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066 (Types: Third Party Advisory)
- CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725 (Mar. 19, 2025)
  - Added Date Added: 2025-03-18
  - Added Due Date: 2025-04-08
  - Added Required Action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."
  - Added Vulnerability Name: tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability
- CVE Modified by [email protected] (Mar. 18, 2025)
  - Added Reference: https://blog.gitguardian.com/compromised-tj-actions/
- CVE Modified by af854a3a-2127-422b-91ae-364da2661108 (Mar. 18, 2025)
  - Added Reference: https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-github-action-cve-2025-30066
- CVE Modified by [email protected] (Mar. 16, 2025)
  - Added Reference: https://github.com/tj-actions/changed-files/issues/2477
- CVE Modified by [email protected] (Mar. 16, 2025)
  - Added Reference: https://www.stream.security/post/github-action-supply-chain-attack-exposes-secrets-what-you-need-to-know-and-how-to-respond
  - Added Reference: https://www.sweet.security/blog/cve-2025-30066-tj-actions-supply-chain-attack
  - Added Reference: https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066
- CVE Modified by [email protected] (Mar. 16, 2025)
  - Changed Description. Old value: "tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)" New value: "tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)"
  - Added Reference: https://github.com/tj-actions/changed-files/blob/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73/README.md?plain=1#L20-L28
  - Added Reference: https://github.com/tj-actions/changed-files/issues/2464
- CVE Modified by [email protected] (Mar. 16, 2025)
  - Added Reference: https://github.com/espressif/arduino-esp32/issues/11127
  - Added Reference: https://github.com/modal-labs/modal-examples/issues/1100
  - Added Reference: https://sysdig.com/blog/detecting-and-mitigating-the-tj-actions-changed-files-supply-chain-attack-cve-2025-30066/
- CVE Modified by [email protected] (Mar. 15, 2025)
  - Added Reference: https://github.com/chains-project/maven-lockfile/pull/1111
  - Added Reference: https://github.com/rackerlabs/genestack/pull/903
  - Added Reference: https://news.ycombinator.com/item?id=43367987
- CVE Modified by [email protected] (Mar. 15, 2025)
  - Added Reference: https://web.archive.org/web/20250315060250/https://github.com/tj-actions/changed-files/issues/2463
- New CVE Received by [email protected] (Mar. 15, 2025)
  - Added Description: "tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)"
  - Added CVSS V3.1: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  - Added CWE: CWE-506
  - Added Reference: https://github.com/github/docs/blob/962a1c8dccb8c0f66548b324e5b921b5e4fbc3d6/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md?plain=1#L191-L193
  - Added Reference: https://github.com/tj-actions/changed-files/issues/2463
  - Added Reference: https://news.ycombinator.com/item?id=43368870
  - Added Reference: https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/
  - Added Reference: https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised