3 matches found
CVE-2026-28291 vulnerabilities
Vulnerabilities for packages: gemini-cli...
CVE-2026-28291
CVE-2026-28291 affects the Node.js package simple-git up to version 3.31.1, where an attacker can execute arbitrary commands by abusing Git option parsing. The flaw stems from an incomplete fix for CVE-2022-25860: Git’s flexible option parsing allows combinations such as -vu, -4u, -nu to bypass t...
CVE-2026-28291
creationtimestamp| type| source ---|---|--- 2026-04-12 15:13:14+00:00| published-proof-of-concept| https://github.com/steveukx/git-js/security/advisories/GHSA-jcxm-m3jx-f287 2026-04-13 18:19:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjfi5dfcmd2w 2026-04-13...