Vulnerability in Git-lfs

CVE-2025-26625

Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Git LFS commands may write to files visible outsi…

EPSS: 0.007 (48.8th percentile) — read the EPSS interpretation.

Affected products

  • Git-lfs — versions >= 0.5.2, < 3.7.1

Weakness classification (CWE)

References