6 matches found
Clawdbot’s rename to Moltbot sparks impersonation campaign
After the viral AI assistant Clawdbot was forced to rename to Moltbot due to a trademark dispute, opportunists moved quickly. Within days, typosquat domains and a cloned GitHub repository appeared—impersonating the project’s creator and positioning infrastructure for a potential supply-chain...
EUVD-2025-37026
n8n Vulnerable to Remote Code Execution via Git Node Pre-Commit Hook...
gitk: git script execution flaw
There's a vulnerability in gitk where an user can be tricked to run malicious scripts supplied by the attacker when running gitk filename command. When successfully exploited this vulnerability may result in arbitrary code execution...
CVE-2025-48385
CVE-2025-48385 affects the Git client. The vulnerability arises when cloning a repository with a bundle URI advertised by the remote server: the client does not validate the bundle, allowing the server to inject a bundle to a location controlled by the attacker, potentially leading to arbitrary c...
Gitk 操作系统命令注入漏洞
Gitk is an open source graphical tool that comes with Git for viewing information such as commit history and branch structure of a Git repository. Gitk suffers from an operating system command injection vulnerability that stems from the following: a user who clones the repository can be tricked...
Arbitrary File Overwrite
org.eclipse.jgit is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a symbolic link present in a specially crafted git repository which can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem...