CVE-2026-30303

The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser the Unix-based shell-quote library to analyze commands on the...

CVE-2026-33724

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack when processing Git URL fragment subdir components. An attacker can access files outside the intended Git repository root by specifying a crafted subdir value in the URL fragment. Note: This is only exploitable if builds...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack when processing Git URL fragment subdir components. An attacker can access files outside the intended Git repository root by specifying a crafted subdir value in the URL fragment. Note: This is only exploitable if builds...

BuildKit Git URL subdir component can cause access to restricted files

Impact Insufficient validation of Git URL fragment subdir components :, docs may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. Patches The issue has been fixed in version v0.28.1 Workarounds The issue affects...

CVE-2026-4496

A vulnerability was found in sigmade Git-MCP-Server up to 785aa159f262a02d5791a5d8a8e13c507ac42880. Affected by this vulnerability is the function childprocess.exec of the file src/gitUtils.ts of the component showmergediff/quickmergesummary/showfilediff. The manipulation results in os command...

CVE-2025-66413

Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the user's account name and password. This vulnerability is...

CVE-2026-3854

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly...

CVE-2026-32698

OpenProject is an open-source, web-based project management software. Versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 are vulnerable to an SQL injection attack via a custom field's name. When that custom field was used in a Cost Report, the custom field's name was injected into the SQL query...

CVE-2026-31861

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, The /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to childprocess.exec. The...

CVE-2026-31862

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, multiple Git-related API endpoints use execAsync with string interpolation of user-controlled parameters file, branch, message, commit, allowing authenticated attackers to...

GlassWorm attack installs fake browser extension for surveillance

GlassWorm hides inside developer tools. Once it's in, it steals data, installs remote access malware, and even a fake browser extension to monitor activity. While it starts with developers, the impact can quickly spread. With stolen credentials, access tokens, and compromised tools, attackers can...

OpenHands is Vulnerable to Command Injection through its Git Diff Handler

Summary A Command Injection vulnerability exists in the getgitdiff method at openhands/runtime/utils/githandler.py:134. The path parameter from the /api/conversations/conversationid/git/diff API endpoint is passed unsanitized to a shell command, allowing authenticated attackers to execute arbitra...

GHSA-7H8W-HJ9J-8RJW OpenHands is Vulnerable to Command Injection through its Git Diff Handler

Summary A Command Injection vulnerability exists in the getgitdiff method at openhands/runtime/utils/githandler.py:134. The path parameter from the /api/conversations/conversationid/git/diff API endpoint is passed unsanitized to a shell command, allowing authenticated attackers to execute arbitra...

Command Injection

Overview openhands-ai is an OpenHands: Code Less, Make More Affected versions of this package are vulnerable to Command Injection via the getgitdiff method. An attacker can execute arbitrary commands, read sensitive files, write arbitrary files, establish persistent access, or potentially escape...

CVE-2026-33724

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...

CVE-2026-33724 n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...

SUSE CVE-2026-26194

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, there's a security issue in gogs where deleting a release can fail if a user controlled tag name is passed to git without the right separator, this lets git options get injected and mess with the process. This issue has been...

PT-2026-28181

Name of the Vulnerable Software and Affected Versions OpenHands versions prior to 1.5.0 Description OpenHands is software for AI-driven development. A Command Injection vulnerability exists in the get git diff method at openhands/runtime/utils/git handler.py:134. The path parameter from the...

CVE-2026-33353

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. Thi...