EXECUTIVE SUMMARY:
CVE-2026-44471 with a CVSS score of 7.8 is a vulnerability in the gix-fs package, specifically affecting versions less than or equal to 0.21.0. This vulnerability allows a malicious tree to be constructed and, when checked out with gitoxide, permits writing an attacker-controlled symlink into any existing directory the user has write access to. An attacker can exploit this vulnerability by providing a crafted tree with duplicate symlink and directory entries, which, when processed by gix-fs, allows the creation of arbitrary symlinks in parent directories. This capability enables the attacker to write to any directory the user can write to, which can be chained into code execution by writing to a file that is known to be executed, such as a Git hook. The business impact of this vulnerability is high, as it allows an attacker to gain arbitrary code execution capabilities, which can lead to data theft, unauthorized modifications, or complete system compromise. For exploitation, the attacker needs access to a writable directory within the user's file system, which is a typical condition in many environments.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
CVE-2026-44471 with a CVSS score of 7.8 is a vulnerability in the gix-fs package, specifically affecting versions less than or equal to 0.21.0. This vulnerability allows a malicious tree to be constructed and, when checked out with gitoxide, permits writing an attacker-controlled symlink into any existing directory the user has write access to. An attacker can exploit this vulnerability by providing a crafted tree with duplicate symlink and directory entries, which, when processed by gix-fs, allows the creation of arbitrary symlinks in parent directories. This capability enables the attacker to write to any directory the user can write to, which can be chained into code execution by writing to a file that is known to be executed, such as a Git hook. The business impact of this vulnerability is high, as it allows an attacker to gain arbitrary code execution capabilities, which can lead to data theft, unauthorized modifications, or complete system compromise. For exploitation, the attacker needs access to a writable directory within the user's file system, which is a typical condition in many environments.[emaillocker id="1283"]
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-f89h-2fjh-2r9q