HIGH 8.8

CVE-2026-11572: Degit Command Injection Vulnerability (CVSS 8.8)

Degit, a popular tool for cloning Git repositories, contains a command injection vulnerability that allows attackers to run arbitrary system commands on machines using vulnerable versions. The flaw exists because the application doesn't properly validate repository names before passing them to shell commands. An attacker only needs to trick a user into cloning from a malicious repository URL to gain code execution with the privileges of the process running degit.

Source data · NVD / CISA · public domain

CVSS
3.1 · 8.8 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weaknesses (CWE)
CWE-77, CWE-78
Affected products
0 configuration(s)
Published / Modified
2026-06-09 / 2026-06-17

NVD description (verbatim)

Versions of the package degit before 2.8.6, from 3.0.0 and before 3.3.1 are vulnerable to Command Injection due to improper sanitisation of user input for git shell commands directly invoked with exec() method by _cloneWithGit() and fetchRefs() functions. An attacker can execute arbitrary operating system commands as the process user by supplying a specially crafted git repository name.

5 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

The vulnerability resides in degit's _cloneWithGit() and fetchRefs() functions, which invoke git shell commands via the exec() method without adequate input sanitization. An attacker-controlled repository name can include shell metacharacters that break out of the intended git command context, allowing arbitrary command execution. The affected version ranges are before 2.8.6 and from 3.0.0 through 3.3.1. The vulnerability is classified as CWE-77 (Improper Neutralization of Special Elements used in a Command) and CWE-78 (Improper Neutralization of Special Elements used in an OS Command).

Business impact

Organizations using degit in CI/CD pipelines, automated deployment systems, or developer tools face direct risk of system compromise. A successful attack could lead to supply chain contamination, unauthorized code injection into builds, theft of credentials stored on the compromised machine, lateral movement within the network, and loss of confidentiality and integrity. The impact is amplified in shared development environments or CI runners where a single compromise can affect multiple projects or teams.

Affected systems

Degit versions before 2.8.6 and versions 3.0.0 through 3.3.1 are vulnerable. Any system running these versions—whether in development, CI/CD infrastructure, Docker containers, or automated scripts—is at risk. The vulnerability affects all operating systems where degit can execute (Linux, macOS, Windows with appropriate shell support).

Exploitability

Exploitability is relatively straightforward. An attacker crafts a malicious repository name containing shell metacharacters (such as backticks, pipes, or semicolons) and shares it as a seemingly legitimate link. When a user or automated system runs degit with this repository URL, the injected commands execute immediately with no additional user interaction beyond the initial clone request. The attack surface includes any scenario where degit accepts user-controlled or insufficiently validated repository names.

Remediation

Upgrade degit to version 2.8.6 or later for the 2.x branch, or to version 3.3.2 or later for the 3.x branch. If you cannot upgrade immediately, restrict use of degit to trusted repository sources only and avoid running degit with untrusted input. Consider implementing network controls to limit the blast radius of any compromised process.

Patch guidance

Check your current degit version by running `npm list degit` or `yarn list degit`. For npm projects, update with `npm install degit@latest` or specify the safe version in package.json and run `npm install`. For Yarn users, use `yarn upgrade degit`. Verify the installed version meets the security threshold (2.8.6+, or 3.3.2+ for v3 users). Test your build and deployment pipelines after updating to ensure compatibility.

Detection guidance

Monitor for unusual process spawning or command execution originating from degit processes, particularly shell invocations with unexpected arguments. In CI/CD logs, watch for git clone commands with suspicious characters in repository URLs. Log analysis tools should flag any exec() calls from degit that contain shell metacharacters. Additionally, audit your package-lock.json or yarn.lock files to identify if vulnerable versions are pinned in any dependency trees, as degit may be a transitive dependency.

Why prioritize this

With a CVSS 3.1 score of 8.8 (HIGH severity) and a low attack complexity, this vulnerability warrants immediate attention. The requirement for user interaction is minimal—social engineering or automation can easily introduce the attack vector. The potential for complete system compromise combined with common use of degit in build automation makes this a critical remediation priority.

Risk score, explained

The 8.8 CVSS score reflects high impact (Confidentiality, Integrity, and Availability all compromised) and low barriers to exploitation. The attack vector is network-based, requires no privileges, and has low attack complexity. While user interaction is required (the user must invoke degit), the bar for tricking a developer or automaton into running a command is low, especially in open-source or collaborative environments where repository sharing is routine.

Frequently asked questions

Can degit be safely used if I only clone from internal or trusted repositories?

Yes, restricting degit to trusted repository sources significantly reduces risk. However, upgrading remains the best practice, as it eliminates the vulnerability entirely and removes the operational burden of vetting every repository URL.

Is this vulnerability being actively exploited?

The vulnerability is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, but the low barrier to exploitation means it could be targeted opportunistically. Treat it as a high-priority patch regardless of active exploit confirmation.

Does upgrading degit require code changes in my project?

Degit is a command-line tool and build-time dependency, so upgrading typically requires only updating your package manager's lock file and re-running installation. Check the release notes for any breaking changes, though patch and minor version updates are generally backward-compatible.

What should I do if degit is a transitive dependency I didn't install directly?

Audit your package-lock.json or yarn.lock to identify which direct dependency brings in vulnerable degit versions. Update that parent dependency to a version that requires a patched degit, or use your package manager's resolution overrides (npm overrides, yarn resolutions) to force a safe version.

This analysis is based on publicly disclosed vulnerability data as of the publication date. Patch versions, KEV status, and vendor advisories are subject to change; verify all patch recommendations against the official degit release notes and security advisories. This content is for informational purposes and does not constitute legal or professional security advice. Organizations should consult their own security teams and conduct testing before applying patches to production systems. Source: NVD (public-domain), retrieved 2026-07-15. Analysis generated by SEC.co (claude-haiku-4-5).