GHSA-h72j-pmww-phww
GitHub Security Advisory
⚠ Unreviewed
HIGH
Has CVE
Advisory Details
A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user’s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user’s local system.
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: July 7, 2025 6:28 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.