PatchSiren

MaaAssistantArknights CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH MaaAssistantArknights CVE published 2026-07-15

CVE-2026-55576

CVE-2026-55576 is a high severity vulnerability in MaaAssistantArknights, a one-click tool for daily Arknights tasks. The vulnerability exists in the .github/workflows/release-preparation.yml file, where attacker-controlled github.event.pull_request.title is inlined into a run: shell command during the pull_request opened, reopened, and ready_for_review events. This allows a non-draft fork PR whose title [truncated]