THREATOPS
THREAT OPSCVEs › CVE-2025-30154

CVE-2025-30154 — reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability

CISA KEVExploited: confirmedreviewdog

reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs.

Vulnerability details