All 4 CVE vulnerabilities found in git-lfs, with AI-generated Chinese analysis, references, and POCs.
Vendor: git-lfs
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-26625 | Git LFS may write to arbitrary files via crafted symlinks CWE-59 | 8.1AI | HighAI | 2025-10-17 |
| CVE-2024-53263 | Git LFS permits exfiltration of credentials via crafted HTTP URLs CWE-74 | 7.5 | - | 2025-01-14 |
| CVE-2022-24826 | Git LFS can execute a binary from the current directory on Windows CWE-426 | 9.8 | Critical | 2022-04-19 |
| CVE-2021-21237 | Git LFS can execute a Git binary from the current directory on Windows CWE-426 | 7.2 | High | 2021-01-15 |
All 4 known CVE vulnerabilities affecting git-lfs with full Chinese analysis, references, and POCs where available.