CVE-2025-5890 – Actions Toolkit Glob Regular Expression Complexity Vulnerability

CVE ID : CVE-2025-5890

Published : June 9, 2025, 7:15 p.m. | 1 hour, 44 minutes ago

Description : A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…