CVE-2025-54585
GitProxy (versions ≤ 1.19.1) is vulnerable to a new-branch approval exploit: nearby commits on a parent branch can be pushed without proper approval due to how new branches are detected (uses a zero-hash check). The issue requires only regular push access and no extra user interaction, but it doe...