CVE-2026-3515 · HIGH 8.5 · EPSS percentile 30.0%

Description

A vulnerability in the `GitHubRepository` block of the `prefect-github` integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the `reference` field. The `reference` field is concatenated directly into a `git clone` command string without proper sanitization, and then parsed by `shlex.split()`. This enables injection of options such as `-c`, leading to potential Server-Side Request Forgery (SSRF), credential theft, or remote code execution (RCE). The vulnerability affects both the `aget_directory()` and `get_directory()` methods in `src/integrations/prefect-github/prefect_github/repository.py`. This issue does not affect the GitLab and BitBucket integrations, which use a safer list-based command construction approach.
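To make the weakness concrete for review and remediation, here is an added Python example (not code from prefect-github or the huntr report) contrasting the string-then-`shlex.split()` pattern the advisory describes with a list-based build plus a reference check. Function names, the sample URL and the sample references are constructed for this illustration; the reference policy is deliberately stricter than git's own ref-name rules.

```python
import re
import shlex
from typing import List

# Constructed sample inputs for the demonstration (not from the advisory).
REPO_URL = "https://github.com/example-org/example-repo.git"
BENIGN_REF = "release/1.4"
# Whitespace inside the reference becomes extra argv entries after splitting.
HOSTILE_REF = "main -c core.example=1"


def clone_argv_by_string(url: str, reference: str = "") -> List[str]:
    """Mirrors the weak pattern: one command string, then shlex.split().
    Anything the reference contains is re-tokenised, so option-looking
    tokens reach git as options rather than as part of the branch name."""
    cmd = f"git clone {url}"
    if reference:
        cmd += f" -b {reference}"
    return shlex.split(cmd)


_REF_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._/-]*$")


def is_safe_ref(reference: str) -> bool:
    """Conservative policy (hypothetical, stricter than git check-ref-format):
    no leading '-', no whitespace or control characters, no '..'."""
    return bool(_REF_RE.fullmatch(reference)) and ".." not in reference


def clone_argv_by_list(url: str, reference: str = "") -> List[str]:
    """Hardened form: argv assembled as a list (no shell re-parsing), the
    reference validated first, and '--' placed before the positional URL so
    git stops option parsing there."""
    argv = ["git", "clone"]
    if reference:
        if not is_safe_ref(reference):
            raise ValueError(f"unsafe git reference: {reference!r}")
        argv += ["-b", reference]
    argv += ["--", url]
    return argv


def unexpected_options(argv: List[str]) -> List[str]:
    """Review/detection helper: option-looking tokens beyond the fixed set
    the caller intended to pass to git clone."""
    expected = {"-b", "--"}
    return [a for a in argv if a.startswith("-") and a not in expected]
```

Running `unexpected_options` over both builders shows the string form leaking a `-c` token for the hostile reference while the list form rejects it before any command is assembled.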

Scoring

CVSS 3.0: 8.5 (HIGH)
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
EPSS: 0.38% probability of exploitation · percentile 30.0% · 2026-06-19T12:03:05Z
Published: 2026-05-24
Last modified: 2026-05-26

Underlying weaknesses (1)

CWE-88

References

  1. https://huntr.com/bounties/f3b048b8-7f4e-45ef-a5a7-cb841c39acde

Weakness mapping

Type: Weakness
Target: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'), cwe-88
Confidence: 0%
Tier: live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus:

CVE-2026-3514, CVE-2026-11572, CVE-2026-21256, CVE-2026-3854, CVE-2026-21518, CVE-2026-45570
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.