What is the CVSS score of CVE-2026-52726?

CVE-2026-52726 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Which versions of Dulwich are affected by CVE-2026-52726?

Dulwich versions 0.23.2 through 1.2.4 contain an arbitrary code execution vulnerability triggered when cloning repositories or updating submodules from untrusted sources.

How to fix or mitigate CVE-2026-52726?

Within 24 hours: Identify all Dulwich 0.23.2-1.2.4 instances across development, CI/CD, and deployment systems; restrict all Dulwich operations to whitelisted internal repositories only. Within 7 days: Implement controls to block git hook execution from untrusted sources; audit recent clone and submodule operations for compromise indicators. Within 30 days: Monitor Dulwich security advisories continuously; deploy patch immediately upon vendor release or migrate to native git tooling.

Dulwich CVE-2026-52726

HIGH

Path Traversal (CWE-22)

2026-06-10 GitHub_M

Path Traversal Python RCE

7.5

CVSS 3.1 · Vendor: GitHub_M

Severity by source

Vendor (GitHub_M) PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

vuln.today AI

8.8 HIGH

Network-delivered via malicious repo (AV:N), no auth on attacker side (PR:N), but victim must initiate the recursive clone (UI:R); resulting hook execution yields full C/I/A compromise.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Source Code Evidence Fetched

Jun 10, 2026 - 22:53 vuln.today

Analysis Generated

Jun 10, 2026 - 22:53 vuln.today

DescriptionCVE.org

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, dulwich.porcelain.submodule_update, and by extension porcelain.clone(..., recurse_submodules=True), materializes attacker-controlled submodule paths from a crafted upstream repository without path validation. A malicious .gitmodules plus a matching tree gitlink whose path is .git/hooks (or any other directory inside the parent repository's .git directory) causes the attacker's submodule tree contents to be written directly into the victim's .git/hooks/ directory, preserving executable mode bits. The dropped executables are then run by any subsequent git or dulwich command that invokes the matching hook, resulting in arbitrary code execution. This is the dulwich equivalent of the upstream Git fixes for CVE-2024-32002 / CVE-2024-32004, which were never propagated into dulwich's separately implemented submodule porcelain. Version 1.2.5 patches the issue.

Articles & Coverage 1

News 7 New Python Vulnerabilities - 1 Critical, 6 High Severity Jun 11, 2026

AnalysisAI

Arbitrary code execution in Dulwich (pure-Python Git implementation) versions 0.23.2 through 1.2.4 allows a malicious upstream repository to drop executable files into a victim's .git/hooks/ directory during a recursive clone or submodule update. When the victim subsequently runs any git or dulwich command that invokes the planted hook, the attacker's code executes with the victim's privileges. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Publish malicious repo with crafted .gitmodules

Delivery

Victim runs dulwich recursive clone

Exploit

Submodule tree written to .git/hooks/ with +x

Execution

Victim runs follow-on git/dulwich command

Persist

Hook executes attacker payload

Impact

Arbitrary code execution as victim user

Access

Publish malicious repo with crafted .gitmodules

Delivery

Victim runs dulwich recursive clone

Exploit

Submodule tree written to .git/hooks/ with +x

Execution

Victim runs follow-on git/dulwich command

Persist

Hook executes attacker payload

Impact

Arbitrary code execution as victim user

Vulnerability AssessmentAI

Exploitation	The victim must perform a recursive submodule operation against an attacker-controlled repository - specifically a call to dulwich.porcelain.clone(..., recurse_submodules=True) or a direct call to dulwich.porcelain.submodule_update - using dulwich version 0.23.2 through 1.2.4. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	The NVD CVSS vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (7.5) materially understates real-world risk: the description explicitly states arbitrary code execution, which implies C:H/I:H/A:H, and exploitation realistically requires the victim to clone an attacker-controlled repository (UI:R) - so both the impact metrics and the UI metric in the published vector appear inconsistent with the described behaviour. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker publishes a malicious repository (e.g. on a public forge, or as a transitive dependency referenced by a legitimate-looking project) whose .gitmodules declares a submodule with path '.git/hooks' and whose tree contains an executable named 'post-checkout' or 'pre-commit'. …
Remediation	Vendor-released patch: dulwich 1.2.5 (https://github.com/jelmer/dulwich/releases/tag/dulwich-1.2.5) - upgrade immediately, which is the primary remediation as it adds submodule path validation rejecting entries that resolve inside .git or above the work tree. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Dulwich 0.23.2-1.2.4 instances across development, CI/CD, and deployment systems; restrict all Dulwich operations to whitelisted internal repositories only. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-43986 CRITICAL Act Now

9.9 Jun 04

Unauthenticated server-side request forgery in Tautulli versions prior to 2.17.1 allows remote attackers to coerce the T

CVE-2026-47731 CRITICAL Act Now

9.1 Jun 05

Path traversal in NASA AMMOS AIT-Core's Binary Stream Capture (BSC) component allows unauthenticated remote attackers to

CVE-2026-48031 CRITICAL Act Now

9.1 Jun 10

Authentication bypass in dhax/go-base Go REST API boilerplate (versions prior to commit cc82b974, merged May 17, 2026) a

CVE-2026-41065 HIGH This Week

8.9 Jun 04

Remote code execution in Tautulli versions prior to 2.17.1 allows attackers to achieve unauthenticated RCE on fresh inst

CVE-2026-43984 HIGH This Week

8.9 Jun 04

Stored cross-site scripting in Tautulli before 2.17.1 allows low-privilege authenticated users (including guests when gu

CVE-2026-52726 vulnerability details – vuln.today

Back

Dulwich CVE-2026-52726

Severity by source

CVSS VectorVendor: GitHub_M

Lifecycle Timeline

DescriptionCVE.org

Articles & Coverage 1

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

More from same product – last 7 days

Share

External POC / Exploit Code