PT-2026-5388 · Eclipse · Eclipse Theia - Website

Barak Haryati · Published 2026-01-30 · Updated 2026-01-30 · CVE-2026-1699

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Eclipse Theia Website (affected versions not specified)

Description

The GitHub Actions workflow at .github/workflows/preview.yml in the Eclipse Theia Website repository used the pull_request_target trigger, which allowed untrusted pull request code to execute. Any GitHub user could thereby run arbitrary code in the repository's CI environment, with access to repository secrets and a GITHUB_TOKEN holding extensive write permissions, including contents, packages, pages, and actions. An attacker could potentially exfiltrate sensitive information, publish malicious packages to the eclipse-theia organization, modify the official Theia website, and introduce malicious code into the repository.
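
A way to audit workflow files for the pattern described above, added here as an example and not taken from the Theia repository or the advisory. The two sample workflows are constructed, and the example assumes the common form of this issue, in which a pull_request_target workflow checks out the pull request's head ref before running build steps; the checks are text heuristics.

```python
import re

# Constructed sample workflows for illustration; not the repository's real preview.yml.
WEAK = """\
on: pull_request_target
jobs:
  preview:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}  # untrusted PR code
      - run: npm ci && npm run build                      # runs with secrets in scope
"""

HARDENED = """\
on: pull_request          # fork PRs get a read-only token and no secrets
permissions:
  contents: read
jobs:
  preview:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm run build
"""

TRIGGER = re.compile(r"\bpull_request_target\b")
PR_HEAD = re.compile(r"github\.(event\.pull_request\.head\.(sha|ref)|head_ref)\b")
TOP_LEVEL_PERMS = re.compile(r"^permissions:", re.M)


def audit(workflow_text):
    """Return heuristic findings for one workflow file's text."""
    # Drop comments so commented-out triggers or refs do not match.
    body = "\n".join(re.sub(r"\s+#.*$|^\s*#.*$", "", l) for l in workflow_text.splitlines())
    if not TRIGGER.search(body):
        return []
    findings = []
    if PR_HEAD.search(body):
        findings.append("pull_request_target checks out PR head code")
    if not TOP_LEVEL_PERMS.search(body):
        findings.append("no top-level permissions block; token scope is inherited")
    return findings


if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "no findings")
```

Job-level permissions blocks and indirect checkouts (for example through a composite action) are not inspected, so a clean result still warrants a manual read of any pull_request_target workflow.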

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2026-1699

Affected Products

Eclipse Theia - Website