CVE-2026-30832

Critical CVSS: 9.1

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a fake LFS server can chain this into full read access to internal services by returning download URLs that point at internal targets. This issue has been patched in version 0.11.4.

Vendor

Charm

Product

Soft Serve

CWE

CWE-918

Yayın Tarihi

2026-03-07 16:15:55

Güncelleme

2026-03-11 20:36:30

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-918 Soft Serve CRITICAL Charm 2026

Referanslar

https://github.com/charmbracelet/soft-serve/commit/3ef660098ab37a7950457da8ecc25b516e37ce4e https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.4 https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-3fvx-xrxq-8jvv

Benzer Kayıtlar

High

CVE-2026-33353

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authoriza…

High

CVE-2026-24058

Soft Serve is a self-hostable Git server for the command line. Versions 0.11.2 and below have a critical authentication…

Medium

CVE-2026-22253

Soft Serve is a self-hostable Git server for the command line. Prior to version 0.11.2, an authorization bypass in the L…

Critical

CVE-2025-64522

Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where…

Medium

CVE-2025-22130

Soft Serve is a self-hostable Git server for the command line. Prior to 0.8.2 , a path traversal attack allows existing…