You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-48386
About this tag
CVE-2025-48386 is a critical security vulnerability in Git for Windows that affects the wincred credential helper. The flaw involves improper bounds checking when constructing credential storage keys, which can lead to buffer overflow attacks. This issue raises concerns about software supply chain security and credential management within the Windows ecosystem. Discussions on WindowsForum cover the technical details, potential risks, and available security fixes from Microsoft and Git maintainers. Users are advised to apply updates promptly to mitigate exposure.
A newly disclosed security flaw in Git for Windows has sent ripples through the developer and IT community, raising urgent concerns about software supply chain security and credentials management within the Windows ecosystem. Tracked as CVE-2025-48386, this vulnerability zeroes in on the Git...