git
Security Risk Profile
Security Risk Score: 39/100 (low)
Comprehensive risk assessment based on 44 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from January 31, 2006 to present
Total CVEs: 44
Critical+High: 17
Exploited: 3
Unpatched: 8
Threat Assessment
Avg CVSS: 5.7 (Base severity)
Avg EPSS: 0% (Exploit probability)
Unpatched: 8 (Critical/High)
Risk Level: 39/100 (low)
⚠️ 3 Active Exploits
Severity Distribution
Critical: 3
High: 14
Medium: 12
Low: 5
Exploit Likelihood
>50% chance: 0
20-50%: 0
5-20%: 0
<5%: 1
Age Distribution
Common Weaknesses (CWE)
1. Command Injection: 3
2. Buffer Overflow: 3
3. Integer Overflow: 2
4. Path Traversal: 1
5. Malicious File Upload: 1
Most Affected Products
1. Git Git: 330
2. Git git: 250
3. git-scm Git: 26
4. redhat/git: 16
5. Fedoraproject Fedora: 9
Recent Vulnerabilities
CVE-2025-26625
CVSS 8.6 high
Git LFS may write to arbitrary files via crafted symlinks
10/17/2025

https://reddit.com/r/cybersecurity/comments/1n11npa/organizations_warned_of_exploited_git/
unknown
Organizations Warned of Exploited Git Vulnerability
8/26/2025 🔧 No Patch

https://reddit.com/r/cybersecurity/comments/1n0v4zc/git_vulnerability_leading_to_rce_is_being/
unknown
Git vulnerability leading to RCE is being exploited by attackers
8/26/2025 🔧 No Patch

https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-git-code-execution-flaw/
unknown
CISA warns of actively exploited Git code execution flaw
8/26/2025 ⚠ Exploited 🔧 No Patch

REDHAT-BUG-2379326
CVSS 1.0 low
7/10/2025 🔧 No Patch

REDHAT-BUG-2379125
CVSS 4.0 medium
7/9/2025 🔧 No Patch

REDHAT-BUG-2379124
CVSS 4.0 medium
7/9/2025 🔧 No Patch

REDHAT-BUG-2378806
CVSS 7.0 high
7/8/2025 🔧 No Patch

REDHAT-BUG-2378808
CVSS 7.0 high
7/8/2025 🔧 No Patch

https://seclists.org/oss-sec/2025/q3/13
unknown
Multiple vulnerabilities fixed in Git
7/8/2025 🔧 No Patch