CVE-2025-15617 GitHub — Exploit & Vulnerability Details HIGH

CVE-2025-15617

HIGH CVSS 4.0: 8.3 EPSS 0.04%

Parameter	Value
CVSS	8.3 (HIGH)
Type	CWE-522 (Insufficiently Protected Credentials)
Vendor	GitHub
Public PoC	No

Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commits or altering release tags.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

High

Difficult to exploit

Attack Requirements

None

No additional conditions

Privileges Required

None

No privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

None

No data leak

Integrity

High

Complete data modification

Availability

Low

Partial disruption

CVSS Vector v4.0

Weakness Type (CWE)

CWE-522 Insufficiently Protected Credentials

References 2

https://github.com/wazuh/wazuh/security/advisories/GHSA-6xqr-4q5g-xc7x

disclosure@vulncheck.com

https://www.vulncheck.com/advisories/exposure-of-the-github-token-in-wazuh-work…

disclosure@vulncheck.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-34042

GitHub

8.2

CVE-2026-34041

GitHub

7.7

CVE-2026-29872

GitHub

8.2

CVE-2026-25704

GitHub

5.8

CVE-2026-31945

GitHub

7.7

Menu

CVE-2025-15617

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 2

Related Vulnerabilities

CVE-2026-34042

CVE-2026-34041

CVE-2026-29872

CVE-2026-25704

CVE-2026-31945

CVE Details

Editor's Choice

Menu

CVE-2025-15617

Attack Parameters

Impact Assessment

CVSS Vector v4.0

Weakness Type (CWE)

References 2

Related Vulnerabilities

CVE-2026-34042

CVE-2026-34041

CVE-2026-29872

CVE-2026-25704

CVE-2026-31945

CVE Details

Editor's Choice

Stay informed on cybersecurity