Sign in Subscribe

← All advisories

Medium severity6.8OSV Advisory· Published Sep 29, 2025· Updated Apr 15, 2026

CVE-2025-61659

CVE-2025-61659

Description

bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name.

Affected products

1

Magicmonty/Bash Git PromptOSV
Range: 2.6.1, 2.6.2, 2.6.3, …

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

github.com/magicmonty/bash-git-prompt/issues/561nvd

News mentions

0

No linked articles in our index yet.