Bot Betrayal: RCE in Renovate's Helm Manager
Jan 14, 2026
Executive Summary (TL;DR)
Renovate versions 31.51.0 through 39.105.x contain a high-severity remote code execution vulnerability in the `helmv3` module. The tool fails to sanitize the `repository` field in `Chart.yaml` files before passing it to a shell command (`helm registry login`). Attackers with the ability to commit to a repository scanned by a self-hosted Renovate instance can execute arbitrary code on the runner infrastructure. The fix involves proper shell argument quoting.
This is a classic command injection vulnerability in the `helmv3` manager of the Renovate dependency automation tool. By crafting a malicious `Chart.yaml` file, an attacker can cause the Renovate runner to execute arbitrary shell commands during OCI registry authentication.
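The following TypeScript illustration is added here and is not Renovate's own code. It shows the pattern the advisory describes: a `repository` value taken from `Chart.yaml` is interpolated into a `helm registry login` command string that a shell later re-parses, beside two hardened forms (POSIX single-quote escaping, and argv-based execution with no shell at all) plus a defender-side check for repository values containing shell metacharacters. The `Chart.yaml` fragment, the helper names and the `echo` stand-in for `helm` are all constructed for the demonstration; the injected command is a harmless `printf` so nothing touches the filesystem.

```typescript
// Added example (not Renovate's code): untrusted Chart.yaml `repository`
// value reaching a shell, and how quoting / argv execution neutralises it.
import { execFileSync } from "node:child_process";

// Constructed Chart.yaml fragment. The repository value carries a shell
// metacharacter sequence of the kind CWE-77 describes; the injected command
// is a harmless printf so the demo has no side effects.
export const CHART_YAML = `apiVersion: v2
name: demo
version: 0.1.0
dependencies:
  - name: nginx
    version: 1.2.3
    repository: "oci://registry.example.com/charts; printf injected"
`;

// Minimal line-based extraction of `repository:` values (hypothetical helper;
// a real manager uses a YAML parser). Surrounding quotes are stripped.
export function extractRepositories(chartYaml: string): string[] {
  const repos: string[] = [];
  for (const line of chartYaml.split("\n")) {
    const m = /^\s*repository:\s*(.+?)\s*$/.exec(line);
    if (m) repos.push(m[1].replace(/^["']|["']$/g, ""));
  }
  return repos;
}

// Vulnerable pattern: raw interpolation into a command line that is later
// handed to `sh -c`. Metacharacters in `repo` become shell syntax.
export function buildLoginCommandUnsafe(repo: string, bin = "helm"): string {
  return `${bin} registry login ${repo}`;
}

// POSIX single-quote escaping: the value becomes exactly one argument,
// whatever characters it contains (embedded quotes are closed, escaped, reopened).
export function shellQuote(arg: string): string {
  return `'${arg.replace(/'/g, `'\\''`)}'`;
}

export function buildLoginCommandSafe(repo: string, bin = "helm"): string {
  return `${bin} registry login ${shellQuote(repo)}`;
}

// Stronger still: skip the shell entirely and pass an argv array, so no
// string is ever re-parsed as shell syntax.
export function loginArgv(repo: string, bin = "helm"): string[] {
  return [bin, "registry", "login", repo];
}

// Defender-side check: a chart repository URL has no business containing
// these characters. Usable as a pre-merge lint or a detection rule over
// commits that touch Chart.yaml.
export function hasShellMetachars(value: string): boolean {
  return /[;&|`$(){}<>\\'"\n]/.test(value);
}

// Run a command string through /bin/sh and return stdout. `bin` is swapped
// for `echo` in the demo so only the shell's parsing is exercised.
export function runThroughShell(cmd: string): string {
  return execFileSync("sh", ["-c", cmd], { encoding: "utf8" });
}

export function demo(): { unsafe: string; safe: string; argv: string[] } {
  const repo = extractRepositories(CHART_YAML)[0];
  return {
    // Two commands run: the echo, then the attacker's printf.
    unsafe: runThroughShell(buildLoginCommandUnsafe(repo, "echo")),
    // One command runs; the whole value is a single literal argument.
    safe: runThroughShell(buildLoginCommandSafe(repo, "echo")),
    // No shell involved at all.
    argv: loginArgv(repo),
  };
}

console.log(demo());
```

The unsafe variant prints `injected` on its own line because the shell executed the second command; the quoted variant prints the entire value, semicolon included, as one argument. In the argv form the question never arises, which is why moving from string-built commands to `execFile`-style calls is the durable fix rather than quoting alone.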
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Systems
Affected Versions Detail
| Product | Affected Versions | Fixed Version |
|---|---|---|
| Renovate (Mend / RenovateBot) | >= 31.51.0, < 39.106.0 | 39.106.0 |
| Attribute | Detail |
|---|---|
| CWE ID | CWE-77 |
| Attack Vector | Network / File (Chart.yaml) |
| CVSS Score | 6.7 (High) |
| Affected Component | helmv3 manager / common.ts |
| Impact | Remote Code Execution (RCE) |
| Exploit Status | Proof of Concept Available |
MITRE ATT&CK Mapping
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')