skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

GitHub Desktop Vulnerabilities Expose User Credentials

/ 1 min read

🔗 Multiple vulnerabilities in GitHub Desktop expose user credentials. Security researcher Ry0taK has identified several vulnerabilities in GitHub Desktop and related Git projects that could allow attackers to access users’ Git credentials. Key issues include CVE-2025-23040, which can leak credentials through malicious URLs, and CVE-2024-53263, where Git LFS fails to check for harmful control characters. The vulnerabilities stem from improper message handling, leading to potential credential leakage. GitHub has released updates to address these issues, urging users to upgrade to the latest version or avoid using the credential helper with untrusted repositories. Users are advised to exercise caution when cloning repositories to mitigate risks associated with these vulnerabilities.

Source
{entry.data.source.title}
Original