CVE-2026-48033: @hulumi/policies bypasses policy packs with a forged Pulumi-URN logical name
Pulumi gives every cloud resource a structured URN that includes the resource’s type chain (hulumi:baseline:aws:SecureBucket$aws:s3/bucketV2:BucketV2) and the logical name the developer freely chose (anything after the final ::). Several Hulumi policy rules used the URN to grant exemptions — for example, “if this raw bucket is a child of SecureBucket, skip the raw-bucket rule because the parent component handles hardening.”
The bug: the rules looked for a substring like hulumi:baseline:aws:SecureBucket$ anywhere in the URN. That substring can also appear in the developer-controlled logical-name portion. A developer (or compromised PR) could simply name a raw resource so its logical name carried the trusted substring, and every rule that used this check would treat the resource as if it were inside the trusted parent and skip its hardening check.
Codex reported this for DEPLOY_GOV_1; the same anti-pattern existed in five more packs (unreported but identically exploitable): AWS H4/H5 sibling lookups, GitHub H1, GitHub H2, Cloudflare CF_DNS_1, Cloudflare CF_DNSSEC_1, and (advisory-level) CIS v5 §2.1.1 + §2.1.5.
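The following TypeScript is an added illustration of the anti-pattern described above, not code from @hulumi/policies: it parses a Pulumi URN into its segments and compares the vulnerable whole-string substring check with a check that consults only the ancestor part of the type chain. The URN layout assumed here is urn:pulumi:stack::project::type-chain::name, with `$` separating parent types from the resource's own type; the two sample URNs and the function names are constructed for the example.

```typescript
// Added example (not @hulumi/policies code): parse a Pulumi URN and decide a
// SecureBucket exemption from the type chain only, never from the logical name.

const TRUSTED_PARENT = "hulumi:baseline:aws:SecureBucket";

interface ParsedUrn {
  stack: string;
  project: string;
  typeChain: string[]; // ancestor types first, the resource's own type last
  name: string;        // developer-chosen logical name: untrusted input
}

function parseUrn(urn: string): ParsedUrn {
  const prefix = "urn:pulumi:";
  if (!urn.startsWith(prefix)) throw new Error(`not a Pulumi URN: ${urn}`);
  // stack :: project :: type-chain :: name. The name is everything after the
  // third "::" so a name that itself contains "::" is still kept whole.
  const parts = urn.slice(prefix.length).split("::");
  if (parts.length < 4) throw new Error(`malformed URN: ${urn}`);
  const [stack, project, type] = parts;
  return { stack, project, typeChain: type.split("$"), name: parts.slice(3).join("::") };
}

// Vulnerable form, as the advisory describes it: a substring match anywhere in
// the URN, which the logical-name segment can satisfy.
function isChildOfSecureBucketVulnerable(urn: string): boolean {
  return urn.includes(TRUSTED_PARENT + "$");
}

// Hardened form: only an ancestor entry of the parsed type chain grants the
// exemption; the resource's own type and its name are never consulted.
function isChildOfSecureBucket(urn: string): boolean {
  const ancestors = parseUrn(urn).typeChain.slice(0, -1);
  return ancestors.includes(TRUSTED_PARENT);
}

// Constructed sample URNs: a genuine child of SecureBucket, and a raw bucket
// whose logical name merely carries the trusted substring.
const LEGIT_CHILD =
  "urn:pulumi:prod::site::hulumi:baseline:aws:SecureBucket$aws:s3/bucketV2:BucketV2::logs";
const FORGED_NAME =
  "urn:pulumi:prod::site::aws:s3/bucketV2:BucketV2::hulumi:baseline:aws:SecureBucket$logs";

// Vulnerable check exempts both; hardened check exempts only the genuine child.
console.log(isChildOfSecureBucketVulnerable(FORGED_NAME), isChildOfSecureBucket(FORGED_NAME));
```

Where a policy runs as a stack validation, comparing the resource's actual parent URN from the resource graph is stronger still than any string check; the parsing above is the minimum fix for rules that only see the URN.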