Vulnerability  ·  2026-07-17

Repomix — Git Option Injection via Unvalidated --remote-branch Parameter

VulnerabilityMedium impactGlobalCVE-2026-49987
Repomix's shallow-clone helper failed to sanitize a user-controllable branch-name parameter before passing it to git commands, permitting git option injection.
Repomix is widely used by developers to package repository contents for LLM context windows; option injection during the clone step of an AI tooling pipeline can lead to code execution when packing an untrusted third-party repository.
src/core/git/gitCommand.ts's execGitShallowClone function passes a --remote-branch value directly to git fetch and git checkout without validation or an --end-of-options separator, allowing an attacker-supplied branch name to inject additional git options such as --upload-pack, potentially leading to command execution during the clone.
Repomix prior to 1.14.1
Upgrade to Repomix 1.14.1 or later.
NVD CVE-2026-49987
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →