CVE-2025-53104 is a critical command injection vulnerability identified in the gluestack-ui project, a library providing UI components and patterns built with Tailwind CSS (NativeWind). The vulnerability exists specifically in a GitHub Actions workflow file named discussion-to-slack.yml, prior to commit e6b4271. This workflow improperly handles untrusted input from GitHub Discussions fields such as title and body by directly interpolating them into shell commands within the 'run:' block of the workflow. This lack of input sanitization or neutralization of special shell characters (CWE-77) allows an attacker to craft malicious discussion content containing shell command injection payloads (e.g., $(curl ...)) that will be executed on the GitHub Actions runner environment. The impact is severe because the workflow runs without requiring authentication or user interaction, and the runner executes commands with the privileges of the workflow environment. Successful exploitation could lead to arbitrary code execution, compromising confidentiality and integrity of the runner environment and potentially any connected resources. The issue was remediated by removing the vulnerable workflow file in commit e6b4271. Users maintaining forks or derivatives of gluestack-ui are advised to remove or update the discussion-to-slack.yml workflow to mitigate risk. Although no known exploits are reported in the wild yet, the high CVSS score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) reflects the ease of remote exploitation without privileges or user interaction and the high impact on confidentiality and integrity.

For European organizations, this vulnerability poses a significant risk especially for those utilizing gluestack-ui or its forks in their development pipelines that integrate GitHub Actions workflows. Compromise of GitHub Actions runners can lead to unauthorized access to source code, secrets, and deployment environments, potentially resulting in intellectual property theft, supply chain compromise, or further lateral movement within corporate networks. Organizations relying on automated CI/CD processes with GitHub Actions are particularly vulnerable, as the attack vector leverages the integration of untrusted user-generated content in discussions. The impact extends beyond the immediate runner environment because compromised workflows can be used to inject malicious code into software builds or deployment artifacts, undermining software integrity and trust. Given the critical severity and the common use of GitHub Actions in European software development, this vulnerability could disrupt development operations and expose sensitive data if not promptly addressed.

1. Immediately remove or disable the discussion-to-slack.yml GitHub Actions workflow in any gluestack-ui forks or derivatives if the repository has not been updated to include commit e6b4271 or later. 2. Audit all GitHub Actions workflows in your organization for similar patterns where untrusted input is interpolated directly into shell commands, and refactor to use safer methods such as parameterized commands or environment variables with proper escaping. 3. Implement strict input validation and sanitization for any user-generated content that may be used in automation scripts or workflows. 4. Restrict permissions of GitHub Actions runners to the minimum necessary and isolate them from sensitive environments to limit potential damage from compromise. 5. Monitor GitHub repositories and workflows for unusual activity or unexpected workflow runs triggered by user-generated content. 6. Educate developers and DevOps teams about secure workflow design and the risks of command injection in CI/CD pipelines. 7. Keep dependencies and workflows up to date with security patches and subscribe to relevant vulnerability advisories for timely response.