CVE-2026-35580
Emissary · Emissary
A shell injection vulnerability in Emissary workflow files allows attackers with repository write access to execute arbitrary commands, leading to supply chain compromise.
Executive summary
A critical shell injection vulnerability in the Emissary workflow engine allows attackers with repository write access to execute arbitrary commands and compromise downstream users.
Vulnerability
The vulnerability exists due to the insecure interpolation of user-controlled workflow_dispatch inputs directly into shell commands via ${{ }} syntax within workflow files. This allows an authenticated attacker with repository write access to inject malicious shell commands.
Business impact
This flaw facilitates supply chain attacks, potentially allowing an attacker to poison build artifacts and impact all users downstream of the affected workflow. The CVSS score of 9.1 reflects the high potential for widespread disruption and unauthorized code execution within the software development lifecycle.
Remediation
Immediate Action: Upgrade the Emissary workflow engine to version 8.39.0 or later to ensure proper sanitization of inputs.
Proactive Monitoring: Inspect existing workflow files for suspicious ${{ }} expressions and review audit logs for unexpected shell commands executed by the workflow engine.
Compensating Controls: Restrict repository write access to trusted personnel only and implement strict peer review processes for all changes to workflow configuration files.
Exploitation status
Public Exploit Available: Not specified.
Analyst recommendation
Supply chain security is paramount; failure to remediate this vulnerability could result in the compromise of downstream development pipelines. Organizations should prioritize updating to version 8.39.0 and reviewing repository access permissions to mitigate the risk of malicious command injection.