CVE-2026-6951 | steveukx simple-git up to 3.35.x code injection (SNYK-JS-SIMPLEGIT-15456078 / EUVD-2026-25639)

Inserito da Angelo Barbosa | Apr 25, 2026 | CVE

A vulnerability classified as critical has been found in steveukx simple-git up to 3.35.x. Affected is an unknown function. Performing a manipulation results in code injection.

This vulnerability is cataloged as CVE-2026-6951. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-6951 | steveukx simple-git up to 3.35.x code injection (SNYK-JS-SIMPLEGIT-15456078 / EUVD-2026-25639)

Post correlati

CVE-2024-1764 | Devolutions Server up to 2023.3.14.0 Just-in-Time Elevation Module privileges management (DEVO-2024-0002)

CVE-2025-26567 | farjana55 Font Awesome WP Plugin up to 1.0 on WordPress cross site scripting

CVE-2025-66532 | Mikado-Themes Powerlift Plugin up to 3.2.1 on WordPress authorization

CVE-2024-32780 | E4J VikRentCar Plugin up to 1.3.2 on WordPress information disclosure