CVE-2026-25934

Improper verification of data integrity values for .idx and .pack files in github.com/go-git/go-git

Description

Improper verification of data integrity values for .idx and .pack files in github.com/go-git/go-git

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

4.3

Severity

Medium

Ecosystem

GO

Publish Date

February 19, 2026

Modified Date

February 20, 2026

Score Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Versions