CVE-2026-45571: go-git: Crafted repositories may modify main and submodule .git directories

Overview

Severity
Medium (CVSS 5.4)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U
Exploit Status
Not Exploited
Patch Tuesday
2026-May
Released
2026-05-28
Last Updated
2026-07-11
EPSS Score
0.30% (percentile: 21.6%)

Affected Products (3)

Other

  • 20966-17084
  • 21383-17084
  • 21482-17084

Revision History

  • 2026-05-28: Information published.
  • 2026-06-03: Information published.
  • 2026-06-28: Information published.
  • 2026-07-11: Information published.