CISA added a critical Git vulnerability (CVE-2025-48384) to its Known Exploited Vulnerabilities catalog Monday, warning that attackers are actively exploiting the flaw. The bug allows hackers to manipulate Git repositories with malicious .gitmodules files, potentially achieving remote code execution when developers clone infected repos.
The vulnerability affects macOS and Linux systems but not Windows. It stems from Git's handling of carriage return characters in submodule paths, letting attackers write files to unexpected locations. Git patched the issue in July across multiple versions, but CISA now requires federal agencies to update by September 15. Software developers and CI/CD systems remain primary targets.
Source: Security Week