CVE-2026-11572: Degit Command Injection Vulnerability (CVSS 8.8)
Degit, a popular tool for cloning Git repositories, contains a command injection vulnerability that allows attackers to run arbitrary system commands on machines using vulnerable versions. The flaw exists because the application doesn't properly validate repository names before passing them to shell commands. An attacker only needs to trick a user into cloning from a malicious repository URL to gain code execution with the privileges of the process running degit.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 8.8 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-77, CWE-78
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-09 / 2026-06-17
NVD description (verbatim)
Versions of the package degit before 2.8.6, from 3.0.0 and before 3.3.1 are vulnerable to Command Injection due to improper sanitisation of user input for git shell commands directly invoked with exec() method by _cloneWithGit() and fetchRefs() functions. An attacker can execute arbitrary operating system commands as the process user by supplying a specially crafted git repository name.
5 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability resides in degit's _cloneWithGit() and fetchRefs() functions, which invoke git shell commands via the exec() method without adequate input sanitization. An attacker-controlled repository name can include shell metacharacters that break out of the intended git command context, allowing arbitrary command execution. The affected version ranges are before 2.8.6 and from 3.0.0 through 3.3.1. The vulnerability is classified as CWE-77 (Improper Neutralization of Special Elements used in a Command) and CWE-78 (Improper Neutralization of Special Elements used in an OS Command).
Business impact
Organizations using degit in CI/CD pipelines, automated deployment systems, or developer tools face direct risk of system compromise. A successful attack could lead to supply chain contamination, unauthorized code injection into builds, theft of credentials stored on the compromised machine, lateral movement within the network, and loss of confidentiality and integrity. The impact is amplified in shared development environments or CI runners where a single compromise can affect multiple projects or teams.
Affected systems
Degit versions before 2.8.6 and versions 3.0.0 through 3.3.1 are vulnerable. Any system running these versions—whether in development, CI/CD infrastructure, Docker containers, or automated scripts—is at risk. The vulnerability affects all operating systems where degit can execute (Linux, macOS, Windows with appropriate shell support).
Exploitability
Exploitability is relatively straightforward. An attacker crafts a malicious repository name containing shell metacharacters (such as backticks, pipes, or semicolons) and shares it as a seemingly legitimate link. When a user or automated system runs degit with this repository URL, the injected commands execute immediately with no additional user interaction beyond the initial clone request. The attack surface includes any scenario where degit accepts user-controlled or insufficiently validated repository names.
Remediation
Upgrade degit to version 2.8.6 or later for the 2.x branch, or to version 3.3.2 or later for the 3.x branch. If you cannot upgrade immediately, restrict use of degit to trusted repository sources only and avoid running degit with untrusted input. Consider implementing network controls to limit the blast radius of any compromised process.
Patch guidance
Check your current degit version by running `npm list degit` or `yarn list degit`. For npm projects, update with `npm install degit@latest` or specify the safe version in package.json and run `npm install`. For Yarn users, use `yarn upgrade degit`. Verify the installed version meets the security threshold (2.8.6+, or 3.3.2+ for v3 users). Test your build and deployment pipelines after updating to ensure compatibility.
Detection guidance
Monitor for unusual process spawning or command execution originating from degit processes, particularly shell invocations with unexpected arguments. In CI/CD logs, watch for git clone commands with suspicious characters in repository URLs. Log analysis tools should flag any exec() calls from degit that contain shell metacharacters. Additionally, audit your package-lock.json or yarn.lock files to identify if vulnerable versions are pinned in any dependency trees, as degit may be a transitive dependency.
Why prioritize this
With a CVSS 3.1 score of 8.8 (HIGH severity) and a low attack complexity, this vulnerability warrants immediate attention. The requirement for user interaction is minimal—social engineering or automation can easily introduce the attack vector. The potential for complete system compromise combined with common use of degit in build automation makes this a critical remediation priority.
Risk score, explained
The 8.8 CVSS score reflects high impact (Confidentiality, Integrity, and Availability all compromised) and low barriers to exploitation. The attack vector is network-based, requires no privileges, and has low attack complexity. While user interaction is required (the user must invoke degit), the bar for tricking a developer or automaton into running a command is low, especially in open-source or collaborative environments where repository sharing is routine.
Frequently asked questions
Can degit be safely used if I only clone from internal or trusted repositories?
Yes, restricting degit to trusted repository sources significantly reduces risk. However, upgrading remains the best practice, as it eliminates the vulnerability entirely and removes the operational burden of vetting every repository URL.
Is this vulnerability being actively exploited?
The vulnerability is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, but the low barrier to exploitation means it could be targeted opportunistically. Treat it as a high-priority patch regardless of active exploit confirmation.
Does upgrading degit require code changes in my project?
Degit is a command-line tool and build-time dependency, so upgrading typically requires only updating your package manager's lock file and re-running installation. Check the release notes for any breaking changes, though patch and minor version updates are generally backward-compatible.
What should I do if degit is a transitive dependency I didn't install directly?
Audit your package-lock.json or yarn.lock to identify which direct dependency brings in vulnerable degit versions. Update that parent dependency to a version that requires a patched degit, or use your package manager's resolution overrides (npm overrides, yarn resolutions) to force a safe version.
This analysis is based on publicly disclosed vulnerability data as of the publication date. Patch versions, KEV status, and vendor advisories are subject to change; verify all patch recommendations against the official degit release notes and security advisories. This content is for informational purposes and does not constitute legal or professional security advice. Organizations should consult their own security teams and conduct testing before applying patches to production systems. Source: NVD (public-domain), retrieved 2026-07-15. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10214HIGHCommand Injection in chatgpt-on-wechat Bash Tool
- CVE-2026-10219HIGHGoClaw Command Injection Vulnerability
- CVE-2026-10273HIGHRemote Code Execution in php-censor Webhook Handler
- CVE-2026-10870HIGHShibby Tomato 1.28.0000 OS Command Injection Vulnerability
- CVE-2026-10871HIGHShibby Tomato Remote Command Injection via IPv6 6rd Parameter
- CVE-2026-10872HIGHOS Command Injection in Shibby Tomato 1.28.0000 Web UI
- CVE-2026-10873HIGHOS Command Injection in Shibby Tomato 1.28.0000 Web UI
- CVE-2026-11556HIGHTenda F451 Command Injection Vulnerability (CVSS 8.8)