High severity7.4NVD Advisory· Published Mar 10, 2026· Updated Apr 21, 2026
CVE-2025-66413
CVE-2025-66413
Description
Git for Windows is the Windows port of Git. Prior to 2.53.0(2), it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the user's account name and password. This vulnerability is fixed in 2.53.0(2).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.53.0(2)
Patches
Vulnerability mechanics
References
2- github.com/git-for-windows/git/security/advisories/GHSA-hv9c-4jm9-jh3xnvdExploitVendor Advisory
- github.com/git-for-windows/git/releases/tag/v2.53.0.windows.2nvdRelease Notes
News mentions
0No linked articles in our index yet.