CVE-2026-42215 | gitpython-developers GitPython up to 3.1.46 os command injection

A vulnerability, which was classified as critical, was found in gitpython-developers GitPython up to 3.1.46. This affects the function Repo.clone_from/Remote.fetch/Remote.pull/Remote.push. Executing a manipulation can lead to os command injection.

This vulnerability is registered as CVE-2026-42215. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More