CVE-2026-32631 HIGH

CVE-2026-32631: Git for Windows: `git clone` from manipulated repositories can leak NTLM hashes to arbitrary servers

Vendor Git-For-Windows
Product git
Weakness CWE-200 · Info exposure
Published April 15, 2026
Last update April 15, 2026

CVSS base score

7.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

What the vulnerability does

01 Description

Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses an attacker-controlled server. By default, NTLM authentication does not need any user interaction. By brute-forcing the NTLMv2 hash (which is expensive, but possible), credentials can be extracted. This issue has been fixed in version 2.53.0.windows.3.
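The following is an added example, not part of the advisory or of the Git for Windows project. It checks collected `git --version` output against the fixed release 2.53.0.windows.3. The host names and version strings are constructed, and the assumption that release-candidate builds sort before final builds of the same version is mine.

```python
import re

# Fixed release named in the advisory: 2.53.0.windows.3
# Key layout: (major, minor, patch, final?, rc number, windows revision)
FIXED_KEY = (2, 53, 0, 1, 0, 3)

# Git for Windows reports e.g. "git version 2.53.0.windows.2".
# Assumption: release candidates appear as "2.53.0.rc1.windows.1"
# (or "-rc1") and sort before every final build of that version.
_VERSION = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:[.-]rc(\d+))?\.windows\.(\d+)")


def classify(version_output: str) -> str:
    """Return 'affected', 'fixed' or 'not-git-for-windows'."""
    m = _VERSION.search(version_output)
    if m is None:
        # Upstream Git on other platforms has no ".windows.N" suffix.
        return "not-git-for-windows"
    major, minor, patch, rc, win = m.groups()
    key = (int(major), int(minor), int(patch),
           0 if rc is not None else 1, int(rc or 0), int(win))
    return "affected" if key < FIXED_KEY else "fixed"


def affected_hosts(inventory: dict) -> list:
    """Hosts whose reported version is prior to the fixed release."""
    return sorted(h for h, out in inventory.items()
                  if classify(out) == "affected")


# Constructed inventory: host name -> output of `git --version`.
SAMPLE_INVENTORY = {
    "build-01": "git version 2.53.0.windows.2",
    "build-02": "git version 2.53.0.windows.3",
    "dev-17": "git version 2.47.1.windows.1",
    "dev-22": "git version 2.53.0.rc1.windows.1",
    "ci-linux": "git version 2.43.0",
}

if __name__ == "__main__":
    for host in affected_hosts(SAMPLE_INVENTORY):
        print(f"{host}: upgrade to 2.53.0.windows.3 or later")
```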

Key dates

02 Disclosure timeline

April 15, 2026 CVE published
April 15, 2026 Record updated