A vulnerability exists in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions before 5.6.0, a malicious actor with write access to a user\'s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\'s local system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
keybase keybase |