CVE-2026-33762

ADVISORY - github

Summary

Impact

go-git’s index decoder for format version 4 fails to validate the path name prefix length before applying it to the previously decoded path name. A maliciously crafted index file can trigger an out-of-bounds slice operation, resulting in a runtime panic during normal index parsing.

This issue only affects Git index format version 4. Earlier formats (go-git supports only v2 and v3) are not vulnerable to this issue.

An attacker able to supply a crafted .git/index file can cause applications using go-git to panic while reading the index. If the application does not recover from panics, this results in process termination, leading to a denial-of-service (DoS) condition.

Exploitation requires the ability to modify or inject a Git index file within the local repository in disk. This typically implies write access to the .git directory.

Patches

Users should upgrade to v5.17.1, or the latest v6 pseudo-version, in order to mitigate this vulnerability.

Credit

go-git maintainers thank @kq5y for finding and reporting this issue privately to the go-git project.

EPSS Score⁠: 0.00014 (0.023)

Common Weakness Enumeration (CWE)

ADVISORY - nist

NIST

CREATED

20 days ago

UPDATED

18 days ago

ADVISORY IDCVE-2026-33762⁠

EXPLOITABILITY SCORE

1.3

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-129⁠

CVSS SCORE

2.8low

GitHub

CREATED

21 days ago

UPDATED

20 days ago

ADVISORY IDGHSA-gm2x-2g9h-ccm8⁠

EXPLOITABILITY SCORE

1.3

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-129⁠

CVSS SCORE

2.8low

Debian

CREATED

18 days ago

UPDATED

4 days ago

ADVISORY IDCVE-2026-33762⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

18 days ago

UPDATED

18 days ago

ADVISORY IDCVE-2026-33762⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

GoLang

CREATED

13 days ago

UPDATED

13 days ago

ADVISORY IDGO-2026-4909⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

3 days ago

UPDATED

3 days ago

ADVISORY ID

CGA-9gc9-qwwq-vf3j

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-2956-3qrx-mw79

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-3285-2839-mh97

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-3pmf-85qf-jq4c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-3x6h-jggj-3rpw

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-42vm-pvp5-rwr5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

MINI-4pw7-9v4r-c54v

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-6457-8pc8-pj57

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-6mmq-wp6m-v5f3

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-6w5h-8vgx-8hfm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-7f97-mxqp-mgpv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-7fp2-377m-6f2g

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-8ffr-fwhg-gj65

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-8vrf-3xcp-c8xm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-8x23-f5f5-phpf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-cm9c-qv6h-63rv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-fm3p-874h-mcp5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-fp99-6x64-j2wx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-fr98-w2q3-vgcx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-ghf3-73q7-mmwh

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-gp5c-mvrh-jvfm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

MINI-hqwq-qcqv-gmjw

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

5 days ago

UPDATED

5 days ago

ADVISORY ID

MINI-j3rq-g2m4-fxhw

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-m25p-xvjh-p36v

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-m56j-wxf2-rcpm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

MINI-m623-9gcr-m429

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-m7wq-mg28-p3qp

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-mvg8-8x47-7fr4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-pjf3-qpgx-gwr8

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-pmvc-h3wc-qj47

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-pphj-f63j-7353

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-pqvm-wp84-q6cx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-pvrq-prpp-h7fr

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

5 days ago

UPDATED

5 days ago

ADVISORY ID

MINI-pw2r-6rvq-jqf9

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-qffh-9vmh-2j2m

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-r2c8-fjj7-j5m2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-rhmr-4wgr-h9xg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-v664-55h2-vgqw

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

MINI-vc43-575h-mwph

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

6 days ago

UPDATED

6 days ago

ADVISORY ID

MINI-vm6c-2pvq-2j5g

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-vp2q-fvg3-6jwx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-vwr9-p82j-vr8q

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-w86v-rhch-p892

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

20 days ago

UPDATED

20 days ago

ADVISORY ID

MINI-wc22-52jp-9frv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-wv9j-j4m6-pmw5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-wxqm-7q3c-m5x4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

6 days ago

UPDATED

6 days ago

ADVISORY ID

MINI-xfh7-fmwg-6pgv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-xh2p-948g-8q3w

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

19 days ago

UPDATED

19 days ago

ADVISORY ID

MINI-xj84-c6xc-6p6h

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

CVE-2026-33762

Summary

Impact

Patches

Credit

Common Weakness Enumeration (CWE)

CWE-129⁠

CWE-129⁠

Advisories

NIST

CVSS SCORE

GitHub

CVSS SCORE

Debian

Ubuntu

CVSS SCORE

GoLang

Chainguard

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos

minimos