Severity: 8.7 (CVSS 4.0)
GitHub Action using Black may execute malicious code
GHSA-v53h-f6m7-xcgm
CVE-2026-31900
Summary
A vulnerability in Black's GitHub Action allows an attacker who can submit a pull request to execute arbitrary code on the workflow runner, exposing whatever secrets and permissions the workflow makes available to that run. To protect yourself, do not use the `use_pyproject: true` option in the psf/black GitHub Action, or update to version 26.3.0 or later.
What to do
- Update psf/black to version 26.3.0 or later. Workflows that reference `psf/black@stable` pick up the fix automatically; until you have confirmed the update, do not set `use_pyproject: true`.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| psf | black | < 26.3.0 | 26.3.0 |
Original title
Black's vulnerable version parsing leads to RCE in GitHub Action
Original description
### Impact
Black provides a [GitHub action](https://black.readthedocs.io/en/stable/integrations/github_actions.html) for formatting code. This action supports an option, `use_pyproject: true`, for reading the version of Black to use from the repository `pyproject.toml`. A malicious pull request could edit pyproject.toml to use a direct URL reference to a malicious repository. This could lead to arbitrary code execution in the context of the GitHub Action. Attackers could then gain access to secrets or permissions available in the context of the action.
### Patches
Version 26.3.0 fixes this vulnerability by tightening the validation of the `version` field. Users who use the GitHub Action as `psf/black@stable` will automatically pick up this update.
### Workarounds
Do not use the `use_pyproject: true` option in the psf/black GitHub Action.
Score: 8.7 (CVSS 4.0, as assessed by GHSA)
Vulnerability type
CWE-20
Improper Input Validation
Published: 7 Mar 2026 · Updated: 14 Mar 2026 · First seen: 7 Mar 2026