CVE advisoryKnown Exploit
CVE-2025-30066
TJ-Actions Changed-Files: Secret Disclosure Risk in Workflow Logs.
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in a GitHub Action allows remote attackers to discover secrets within workflow logs. This impacts organizations using the affected component, posing a risk of sensitive data exposure, which could compromise systems and operations.