{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33353", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-18T22:15:11.814Z", "datePublished": "2026-03-24T19:39:38.331Z", "dateUpdated": "2026-03-25T13:35:15.415Z"}, "containers": {"cna": {"title": "Soft Serve: Authenticated repo import can clone server-local private repositories", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-862", "lang": "en", "description": "CWE-862: Missing Authorization", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp"}, {"name": "https://github.com/charmbracelet/soft-serve/commit/c147421caf234bcfc1570c79d728ecbbe5813e55", "tags": ["x_refsource_MISC"], "url": "https://github.com/charmbracelet/soft-serve/commit/c147421caf234bcfc1570c79d728ecbbe5813e55"}, {"name": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.6", "tags": ["x_refsource_MISC"], "url": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.6"}], "affected": [{"vendor": "charmbracelet", "product": "soft-serve", "versions": [{"version": ">= 0.6.0, < 0.11.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-24T19:39:38.331Z"}, "descriptions": [{"lang": "en", "value": "Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. This issue has been patched in version 0.11.6."}], "source": {"advisory": "GHSA-xgxp-f695-6vrp", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T13:35:10.938907Z", "id": "CVE-2026-33353", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T13:35:15.415Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Soft Serve: Authenticated repo import can clone server-local private repositories", "source": {"advisory": "GHSA-xgxp-f695-6vrp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "charmbracelet", "product": "soft-serve", "versions": [{"status": "affected", "version": ">= 0.6.0, < 0.11.6"}]}], "references": [{"url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp", "name": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/charmbracelet/soft-serve/commit/c147421caf234bcfc1570c79d728ecbbe5813e55", "name": "https://github.com/charmbracelet/soft-serve/commit/c147421caf234bcfc1570c79d728ecbbe5813e55", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.6", "name": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.6", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. This issue has been patched in version 0.11.6."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-24T19:39:38.331Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33353", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T13:35:10.938907Z"}}}], "references": [{"url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp", "tags": ["exploit"]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-25T13:35:04.720Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-33353", "state": "PUBLISHED", "dateUpdated": "2026-03-24T19:39:38.331Z", "dateReserved": "2026-03-18T22:15:11.814Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-24T19:39:38.331Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:charm:soft_serve:*:*:*:*:*:go:*:*", "matchCriteriaId": "EDBD42A1-C2A7-4A84-AA41-6317A9812FF7", "versionEndExcluding": "0.11.6", "versionStartIncluding": "0.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. This issue has been patched in version 0.11.6."}], "id": "CVE-2026-33353", "lastModified": "2026-03-25T21:59:38.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-24T20:16:29.573", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/charmbracelet/soft-serve/commit/c147421caf234bcfc1570c79d728ecbbe5813e55"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.11.6"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-xgxp-f695-6vrp"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-862"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.6.0,0.11.6)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "soft-serve", "source": "cna", "vendor": "charmbracelet"}, "product": "soft-serve", "vendor": "charmbracelet"}], "analysis": {"en": {"generated_at": "2026-03-24T21:36:48.356154+00:00", "value": {"mitigation_remediation": ["Upgrade Soft Serve to version 0.11.6 or later."], "summary": {"action": "Apply Patch", "impact": "Unauthorized Repository Access"}, "threat_synthesis": {"affected_systems": "The vulnerability affects versions of Soft Serve ranging from 0.6.0 up to, but not including, 0.11.6, hosted under the Charmbracelet official product \"Soft Serve.\"", "description_and_impact": "An authorization flaw in the repository import feature of Soft Serve permits any authenticated SSH user to clone a Git repository that resides on the server, including repositories marked as private by other users. This flaw turns a benign import operation into a stealthy data\u2011exposure channel, thereby violating confidentiality boundaries. The weakness aligns with Information Exposure (CWE\u2011200) and Missing Authorization (CWE\u2011862).", "risk_and_exploitability": "The CVSS base score of 7.1 indicates a medium\u2011to\u2011high risk. Exploitation requires the attacker to be an authenticated SSH user on the host, providing a network\u2011based attack vector. No EPSS data is available, and the vulnerability is not listed in the CISA KEV catalog, suggesting lower publicly known exploitation, yet the credentialed nature of the attack still warrants prompt remediation."}}}}, "created": "2026-03-25T11:46:12.837428+00:00", "updated": "2026-03-25T20:57:37.789487+00:00", "vendors": ["charmbracelet", "charmbracelet$PRODUCT$soft-serve"]}