LOW
cli
CVE published 2026-05-15
CVE-2026-45803
CVE-2026-45803 is a low-severity GitHub CLI issue in which workflow log content can be rendered to a terminal without sanitizing control sequences. If an attacker can influence Actions log output, viewing a run with gh run view --log or gh run view --log-failed can cause terminal escape sequence injection in the user’s session. The issue is fixed in GitHub CLI 2.92.0.