Local File Inclusion Vulnerability in Repomix by Yamadashy
CVE-2026-59703
8.7HIGH
What is CVE-2026-59703?
Repomix contains a local file inclusion vulnerability within its git clone endpoint, allowing unauthenticated users to exploit file:// URLs. This flaw exists in the isValidRemoteValue function, which fails to sufficiently validate remote values, enabling attackers to bypass security measures and access sensitive local git repository contents directly from the server's filesystem.
Affected Version(s)
repomix 0
repomix 0 < 1.14.1
repomix 0
