NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-11745

Summary	A vulnerability has been identified in centraldogma-server-mirror-git versions prior to 0.84.0, where the Git mirror SSH client does not verify remote host keys for git+ssh:// connections, allowing an on-path attacker to perform man-in-the-middle attacks and compromise mirrored repositories.
Publication Date	June 22, 2026, 12:16 p.m.
Registration Date	June 27, 2026, 4:08 a.m.
Last Update	June 23, 2026, 5:21 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/line/centraldogma/security/advisories/GHSA-vjfw-cpmh-xwv3	dl_cve@linecorp.com
2	https://github.com/line/centraldogma/security/advisories/GHSA-vjfw-cpmh-xwv3	134c704f-9b21-4f2e-91b3-4a467353bcc0

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-322	エンティティ認証のない鍵交換	https://cwe.mitre.org/data/definitions/322.html
2	CWE-322	エンティティ認証のない鍵交換	https://cwe.mitre.org/data/definitions/322.html