CVE-2025-10283 · CRITICAL 9.6 · EPSS p34.8%

Description

BBOT's gitdumper module could be abused to execute commands through a malicious git repository.

Scoring

CVSS 3.1: 9.6 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS: 0.44% probability of exploitation · percentile 34.8% · 2026-06-18T12:00:27Z
Published: 2025-10-09
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-22

References

  1. https://blog.blacklanternsecurity.com/p/bbot-security-advisory-gitdumper

Type: Weakness
Target: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (cwe-22)
Confidence: 0%
Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE: CVE-2025-10284
  2. CVE: CVE-2025-29902
  3. CVE: CVE-2025-62630
  4. CVE: Atlassian Bitbucket Server and Data Center Command Injection Vulnerability
  5. CVE: CVE-2025-24861
  6. CVE: CVE-2025-59171

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.