The vulnerability identified as CVE-2026-32947 affects step-security's harden-runner, a security agent designed to protect GitHub Actions runners by enforcing egress network policies. In versions 2.15.1 and earlier, an attacker who has already gained code execution within a GitHub Actions workflow can exploit a DNS over HTTPS (DoH) bypass. Harden-Runner relies on domain-based filtering to block unauthorized network egress; however, DoH queries to allowed HTTPS endpoints like dns.google are permitted. The attacker encodes sensitive information, such as the runner's hostname, into subdomains of DoH queries. These queries appear as normal HTTPS traffic to the hardened runner, bypassing egress restrictions and forwarding the data to attacker-controlled domains. This method effectively tunnels exfiltrated data through trusted HTTPS channels, circumventing network blocklists. The vulnerability stems from a protection mechanism failure (CWE-693) and improper authorization (CWE-863) in the filtering logic. Exploitation requires prior code execution in the workflow, limiting initial attack vectors but enabling stealthy data leakage once compromised. The issue was addressed in harden-runner version 2.16.0 by improving DoH traffic inspection and blocking unauthorized tunneling attempts.

This vulnerability allows attackers with existing code execution in GitHub Actions workflows to exfiltrate sensitive data stealthily, bypassing egress network restrictions enforced by harden-runner. The impact includes potential leakage of confidential information such as internal hostnames, environment details, or secrets accessible within the runner environment. Since GitHub Actions workflows often handle critical build and deployment processes, attackers can leverage this to gather intelligence or prepare further attacks. The bypass of network restrictions undermines the security posture of organizations relying on harden-runner to enforce strict egress policies, increasing the risk of data breaches and compliance violations. Although exploitation requires prior code execution, the ability to tunnel data covertly through trusted HTTPS endpoints complicates detection and response efforts. Organizations using vulnerable versions face increased risk of stealthy data exfiltration, especially in environments with sensitive intellectual property or regulated data.

The primary mitigation is to upgrade harden-runner to version 2.16.0 or later, where the vulnerability is fixed. Organizations should audit their GitHub Actions workflows to ensure no unauthorized code execution is possible, as exploitation requires such access. Implement strict access controls and code review processes for workflows to minimize the risk of initial compromise. Additionally, monitor network traffic for unusual DoH query patterns or high volumes of DNS queries to trusted endpoints like dns.google, which may indicate tunneling attempts. Consider deploying enhanced network monitoring tools capable of inspecting DoH traffic content or metadata. Employ multi-layered egress filtering that includes behavioral analysis rather than relying solely on domain-based allowlists. Finally, maintain up-to-date security agents and regularly review CI/CD pipeline security configurations to detect and prevent misuse.