CVE-2026-52726: Dulwich's submodule path traversal in porcelain.submodule_update / porcelain.clone(recurse_submodules=True) yields RCE via attacker-dropped .git/hooks payload
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, `dulwich.porcelain.submodule_update`, and by extension `porcelain.clone(..., recurse_submodules=True)`, materializes attacker-controlled submodule paths from a crafted upstream repository without path validation. A malicious `.gitmodules` plus a matching tree gitlink whose `path` is `.git/hooks` (or any other directory inside the parent repository's `.git` directory) causes the attacker's submodule tree contents to be written directly into the victim's `.git/hooks/` directory, preserving executable mode bits. The dropped executables are then run by any subsequent `git` or `dulwich` command that invokes the matching hook, resulting in arbitrary code execution. This is the dulwich equivalent of the upstream Git fixes for CVE-2024-32002 / CVE-2024-32004, which were never propagated into dulwich's separately implemented submodule porcelain. Version 1.2.5 patches the issue.
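As an added defensive example (not dulwich's own code), the following stand-alone Python scans a .gitmodules file for submodule paths that would escape the worktree or land inside the superproject's .git directory, the pattern described above. The parser and the helper names are hypothetical, and the sample .gitmodules content is constructed.

```python
# Added example, not dulwich's code: flag .gitmodules entries whose path
# would land inside the superproject's .git/ (the CVE-2026-52726 pattern).
import posixpath
import re

_SECTION = re.compile(r'^\[submodule\s+"(?P<name>[^"]*)"\]$')
_KV = re.compile(r'^(?P<key>[A-Za-z][A-Za-z0-9-]*)\s*=\s*(?P<val>.*)$')

def parse_gitmodules(text):
    """Minimal {name: {key: value}} parser for .gitmodules text
    (hypothetical helper; dulwich's own config parser is not used)."""
    mods, cur = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = _SECTION.match(line)
        if m:
            cur = mods.setdefault(m.group("name"), {})
            continue
        m = _KV.match(line)
        if m and cur is not None:
            cur[m.group("key").lower()] = m.group("val")
    return mods

def submodule_path_is_safe(path):
    """Reject absolute paths, '..' components and any component equal to
    '.git' (case-insensitive, NTFS trailing dots/spaces stripped): the
    same class of check Git added for CVE-2024-32002."""
    if not path:
        return False
    p = path.replace("\\", "/")
    if p.startswith("/") or re.match(r"^[A-Za-z]:", p):
        return False
    for comp in posixpath.normpath(p).split("/"):
        if comp == ".." or comp.lower().rstrip(". ") == ".git":
            return False
    return True

def find_unsafe_submodules(text):
    """Sorted names of submodules whose declared path fails the check."""
    return sorted(name for name, kv in parse_gitmodules(text).items()
                  if not submodule_path_is_safe(kv.get("path", "")))

# Constructed sample: one benign submodule and one aimed at .git/hooks.
SAMPLE_GITMODULES = (
    '[submodule "vendor-lib"]\n\tpath = third_party/lib\n\turl = https://example.invalid/lib.git\n'
    '[submodule "hooks"]\n\tpath = .git/hooks\n\turl = https://example.invalid/hooks.git\n'
)
```

Running `find_unsafe_submodules` over a repository's .gitmodules before calling `porcelain.submodule_update` gives a cheap pre-checkout gate on unpatched dulwich versions.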
Metrics
- CVSS v3.1: 7.5
- Severity: HIGH
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
A path-traversal vulnerability in Dulwich, the pure-Python Git implementation, allows a malicious repository to write attacker-controlled files into the victim's .git/hooks/ directory during submodule cloning or update. The exploit is reachable over the network with no authentication required, triggered simply by cloning or updating a crafted repository. Successful exploitation drops executable hook scripts that run arbitrary code the next time any git or dulwich command fires the corresponding hook. No fix version has been published yet; HarborGuard tracks this advisory and will make a patched-image rebuild available as soon as upstream ships a release.
HarborGuard Coverage
- Detection for CVE-2026-52726 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle dulwich directly or as a transitive dependency. Status: Available.
- HarborGuard scores this CVE at CVSS 7.5 HIGH and weights it against each environment's compliance policy to surface it at the correct severity tier; routing to the designated security or development inbox within each customer org happens automatically. Status: Available.
- Because no upstream fix has been published, HarborGuard re-checks the advisory on every ingest cycle; the moment dulwich 1.2.5 or a later patched release is available, a rebuilt image at that version becomes available, and customers with auto-remediation enabled receive a rebuild, a regression-test run, and a PR opened against affected workloads. Status: Pending upstream.
Exploit Conditions
- Network reachability: Required. The attacker serves a crafted repository over the network; the victim must be able to reach that repository endpoint to trigger the vulnerable clone or submodule-update path.
- Authentication: Not required. No credentials are needed; any unauthenticated caller of porcelain.clone or submodule_update against a public or self-hosted repository is sufficient to trigger the traversal.
- Victim interaction: Not required. No user action beyond the normal clone or submodule-update operation is required; the payload lands and becomes executable without any additional prompting.
- Attack complexity: Low (AC:L in the CVSS vector). Exploitation is reliable and condition-free once the victim clones the repository; no race conditions or special memory layout are required.
Blast Radius
- Attacker-controlled scripts are written with executable permissions into .git/hooks/, allowing arbitrary operating-system commands to execute under the identity of the user running git or dulwich operations.
- Any subsequent hook-triggering command (commit, merge, push, fetch, or a dulwich porcelain call) automatically runs the dropped payload without further attacker interaction.
- Depending on the runtime context, the attacker gains code execution inside the container or host process, enabling file system reads, writes, or lateral movement within the same environment.
- Confidentiality impact is not rated High in the CVSS vector, but integrity and availability of the affected workload are fully compromised through arbitrary code execution.
How HarborGuard Handles This
Available on HarborGuard: detection for this CVE is active across all customer environments for any image containing dulwich >= 0.23.2 and < 1.2.5. Because no upstream patch exists yet, HarborGuard monitors the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment dulwich publishes a fix. In the interim, compensating controls are available: customers can apply network-policy rules to restrict outbound connections to untrusted repository hosts, gate use of porcelain.clone with recurse_submodules=True behind a feature flag or policy check, and configure egress filtering to limit which hosts dulwich-enabled workloads can reach. Where compliance policy permits, auto-remediation customers will receive a rebuilt image, a regression-test run, and a PR opened against affected workloads with no manual steps required once the upstream fix is published.
Affected Products
- jelmer / dulwich: >= 0.23.2, < 1.2.5
- CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H