GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED)

Source: https://news.ycombinator.com/rss
Summary

A potential supply chain attack on GitHub CodeQL started simply: a publicly exposed secret, valid for 1.022 seconds at a time. In that second, an attacker could take a series of steps that would allow them to execute code within a GitHub Actions workflow in most repositories using CodeQL, GitHub’s code analysis engine trusted by hundreds of thousands of repositories. The impact would reach both public GitHub (GitHub Cloud) and GitHub Enterprise.

If backdooring GitHub Actions sounds familiar, that is because it is exactly what threat actors did in the recent tj-actions/changed-files supply chain attack. Imagine that very same supply chain attack, but with the backdoored actions in GitHub CodeQL instead of tj-actions. An attacker could use this to:

- Compromise intellectual property by exfiltrating the source code of private repositories using CodeQL.
- Steal credentials from the GitHub Actions secrets of workflow jobs using CodeQL, and leverage those secrets to execute further supply chain attacks.
- Execute code on internal infrastructure running CodeQL workflows.
- Compromise the GitHub Actions secrets of workflows that use the GitHub Actions Cache within a repository that uses CodeQL.

This is the story of how we uncovered an exposed secret leading to a race condition, a potential supply chain attack, and CVE-2025-24362.

Note: Per GitHub’s advisory, GitHub has found no evidence of compromise to its platform or systems.

How Did We Get Here?

In January 2025, I took a break from Praetorian’s Red Team and began three months of research. I aimed to push the limits of public GitHub Actions exploitation, building on presentations we have given at Black Hat, DEF CON, ShmooCon, and Black Hat Arsenal. Tools and takeaways from this research will be implemented in our CI/CD Professional Services Engagements and in Chariot, our Continuous Threat Exposure Management platform. I began my research rotation by scanning GitHub Actions workflow artifacts for secrets.
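The last step above, scanning workflow artifacts for leaked tokens, as an added Python example (not Praetorian’s tooling and not code from the original post): it opens an artifact zip in memory, pulls out every string shaped like a GitHub token, labels each by type (a ghs_ token is the job-scoped GITHUB_TOKEN, revoked when the job ends, which is why the window in this story is so short), and verifies the six-character checksum GitHub appends to classic-format tokens so that look-alike strings can be deprioritised. The checksum layout used here (CRC32 over the 30 random characters, Base62 with a 0-9A-Za-z alphabet, zero-padded to six) is my reading of GitHub’s published token format and is an assumption; the artifact contents, file names and tokens are constructed for the example, not real data.

```python
"""Scan a GitHub Actions workflow artifact (zip) for leaked GitHub tokens.

Added example; not code from the original post. The checksum layout below is
an assumption about GitHub's token format, and all sample data is constructed.
"""
from __future__ import annotations

import io
import re
import string
import zipfile
import zlib
from dataclasses import dataclass
from typing import Optional

# Prefixes GitHub uses for its token formats, with what each implies for an attacker.
TOKEN_KINDS = {
    "ghp_": "classic personal access token (long-lived)",
    "gho_": "OAuth access token (long-lived)",
    "ghu_": "GitHub App user-to-server token (expires in hours)",
    "ghs_": "GitHub App installation token; the job-scoped GITHUB_TOKEN, revoked when the job ends",
    "ghr_": "GitHub App refresh token",
}
# gh?_ + 30 random chars + 6 checksum chars = 40 chars; fine-grained PATs are 93 chars.
CLASSIC_RE = re.compile(r"\b(gh[posur]_[A-Za-z0-9]{36})\b")
FINE_GRAINED_RE = re.compile(r"\b(github_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59})\b")
BASE62 = string.digits + string.ascii_uppercase + string.ascii_lowercase  # assumed alphabet


@dataclass
class Finding:
    member: str                  # path inside the artifact
    line_no: int
    kind: str
    token: str
    checksum_ok: Optional[bool]  # None when the format has no checksum we verify


def base62_encode(n: int, width: int = 6) -> str:
    out = ""
    while n:
        n, r = divmod(n, 62)
        out = BASE62[r] + out
    return out.rjust(width, "0")


def checksum_ok(token: str) -> bool:
    """Assumed layout: CRC32 of the 30 random chars, Base62-encoded, zero-padded to 6."""
    body, check = token[4:34], token[34:40]
    return base62_encode(zlib.crc32(body.encode())) == check


def make_token(prefix: str, body: str) -> str:
    """Build a syntactically valid classic-format token for the constructed sample."""
    assert prefix in TOKEN_KINDS and len(body) == 30
    return prefix + body + base62_encode(zlib.crc32(body.encode()))


def redact(token: str) -> str:
    """Log-safe form: never copy a whole token into yet another artifact."""
    return token[:4] + "..." + token[-4:]


def scan_artifact(zip_bytes: bytes) -> list[Finding]:
    """Walk every file in the artifact and return each token-shaped string found."""
    findings: list[Finding] = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for member in zf.namelist():
            if member.endswith("/"):        # directory entry, nothing to read
                continue
            data = zf.read(member)
            try:
                text = data.decode("utf-8")
            except UnicodeDecodeError:      # binaries can embed tokens too; tokens are ASCII
                text = data.decode("latin-1")
            for line_no, line in enumerate(text.splitlines(), 1):
                for m in CLASSIC_RE.finditer(line):
                    tok = m.group(1)
                    findings.append(Finding(member, line_no, TOKEN_KINDS[tok[:4]], tok, checksum_ok(tok)))
                for m in FINE_GRAINED_RE.finditer(line):
                    findings.append(Finding(member, line_no, "fine-grained personal access token", m.group(1), None))
    return findings


def build_sample_artifact() -> bytes:
    """Constructed sample artifact: a verbose build log plus a binary. Not real data."""
    job_token = make_token("ghs_", "abc123" * 5)       # checksum verifies
    stale = "ghp_" + "0" * 36                           # right shape, checksum does not verify
    fine_grained = "github_pat_" + "A" * 22 + "_" + "b" * 59
    log = "\n".join([
        "2025-03-30T20:35:00Z Run actions/checkout@v4",
        f"  debug: Authorization: token {job_token}",
        f"  legacy: token={stale}",
        f"  release: GH_TOKEN={fine_grained}",
        "  ghp_notreallyatoken",                        # too short to match
    ])
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("build/verbose.log", log)
        zf.writestr("build/empty/", "")
        zf.writestr("build/core.bin", b"\x00\x01" + stale.encode() + b"\x00\xff")
    return buf.getvalue()


if __name__ == "__main__":
    for f in scan_artifact(build_sample_artifact()):
        flag = "" if f.checksum_ok in (True, None) else "  [checksum mismatch: probably not a real token]"
        print(f"{f.member}:{f.line_no}  {redact(f.token)}  {f.kind}{flag}")
```

On a real engagement the artifact bytes come from the repository’s artifacts download endpoint rather than from the constructed sample, and the interesting finding is a long-lived ghp_ or gho_ token with a verifying checksum. A ghs_ token in the artifact of a finished job is normally already dead, which is exactly why the attack described in this post came down to a race against the job’s lifetime.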
Secret Scanning In Au...

First seen: 2025-03-30 20:35

Last seen: 2025-03-31 15:42