What is CVE-2026-42305?

CVE-2026-42305 is a high-severity vulnerability, classified under Path Traversal. CVSS score: 8.8/10. Published 2026-06-10.

How severe is CVE-2026-42305?

High severity. CVSS v3 base score is 8.8 out of 10.

CVE-2026-42305

CVE-2026-42305

Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repo…

Vulnerability class: Path Traversal (Directory Traversal)

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Weakness classification (CWE)

CWE-22 — Path Traversal

References

security-advisories@github.com
security-advisories@github.com
security-advisories@github.com
security-advisories@github.com

Frequently asked questions

What is CVE-2026-42305?: CVE-2026-42305 is a high-severity vulnerability, classified under Path Traversal. CVSS score: 8.8/10. Published 2026-06-10.
How severe is CVE-2026-42305?: High severity. CVSS v3 base score is 8.8 out of 10.