Package impact
npm / simple-git
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-6951 | critical | 9.8 | 9.8 | 1mo ago | simple-git is vulnerable to Remote Code Execution | |
| CVE-2026-28291 | high | 8.1 | 8.1 | 2mo ago | simple-git Affected by Command Execution via Option-Parsing Bypass | |
| CVE-2026-28292 | unknown | — | — | 3mo ago | simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE | |
| CVE-2022-25860 | unknown | — | — | 3y ago | Remote code execution in simple-git | |
| CVE-2022-25912 | unknown | — | — | 4y ago | simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol | |
| CVE-2022-24066 | unknown | — | — | 4y ago | Command injection in simple-git | |
| CVE-2022-24433 | unknown | — | — | 4y ago | Command injection in simple-git |