CVE-2026-47734

A flaw was found in Dulwich, a pure-Python implementation of Git file formats and protocols. A remote attacker with push access to a Dulwich-based Git server could send a specially crafted thin pack. This crafted pack, with a manipulated delta header, would cause the server to allocate excessive...

CVE-2026-47734 Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

CVE-2026-48827 Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

EUVD-2026-33606

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

CVE-2026-44647

OneDev is a Git server with CI/CD, kanban, and packages. Prior to 15.0.2, there is behavior that breaks the expected boundary between repository-controlled LFS metadata and server-local filesystem paths. A repository object can steer raw blob reads to arbitrary local files that the server account...

EUVD-2026-30478

OneDev is a Git server with CI/CD, kanban, and packages. Prior to 15.0.2, there is behavior that breaks the expected boundary between repository-controlled LFS metadata and server-local filesystem paths. A repository object can steer raw blob reads to arbitrary local files that the server account...

CVE-2026-33353

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. Thi...

Soft Serve 安全漏洞

Soft Serve is a self-hosted command-line Git server developed by Charm. Versions of Soft Serve from 0.6.0 to 0.11.6 contained security vulnerabilities. These vulnerabilities were due to an authorization flaw in repository imports, which allowed any authenticated SSH user to clone the server’s loc...

CVE-2026-4496

A vulnerability was found in sigmade Git-MCP-Server up to 785aa159f262a02d5791a5d8a8e13c507ac42880. Affected by this vulnerability is the function childprocess.exec of the file src/gitUtils.ts of the component showmergediff/quickmergesummary/showfilediff. The manipulation results in os command...

CVE-2026-30832 Soft Serve: SSRF via unvalidated LFS endpoint in repo import

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is...

PT-2026-23710

Name of the Vulnerable Software and Affected Versions Anthropic Git MCP server affected versions not specified Description The Anthropic Git MCP server contains an argument injection flaw that allows for Remote Code Execution RCE. The issue was identified in Anthropic’s own implementation of the...

CVE-2026-27735 mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...

Soft Serve security vulnerability

Soft Serve is a self-hosted command-line Git server developed by Charm. Versions of Soft Serve prior to 0.11.2 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing attackers to provide the victim’s public key during the SSH handshake phase,...

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol MCP server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. "These flaws can be exploited through prom...

CVE-2024-41956

Soft Serve is a self-hostable Git server for the command line. Prior to 0.7.5, it is possible for a user who can commit files to a repository hosted by Soft Serve to execute arbitrary code via environment manipulation and Git. The issue is that Soft Serve passes all environment variables given by...

CVE-2025-68145 mcp-server-git has missing path validation when using --repository flag

In mcp-server-git versions prior to 2025.12.17, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repopath arguments in subsequent tool calls were actually within that configured path. This could allow tool calls t...

EUVD-2020-20574

Malware in sbrugna...