7.8
HIGH CVSS 3.1
CVE-2025-41390
TruffleHog Git Arbitrary Code Execution Vulnerability
Description

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability.

INFO

Published Date :

Oct. 20, 2025, 3:15 p.m.

Last Modified :

June 17, 2026, 9:22 a.m.

Remotely Exploit :

No
Affected Products

The following products are affected by CVE-2025-41390 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS 3.1 HIGH [email protected]
Solution
Update TruffleHog to a version that addresses the arbitrary code execution vulnerability.
  • Update TruffleHog to the latest version.
  • Avoid processing untrusted repositories.
  • Review Git security configurations.
Public PoC/Exploit Available at Github

CVE-2025-41390 has a 13 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-41390.

URL Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2243
https://trufflesecurity.com/blog/contributor-spotlight-adam-reiser-of-cisco-talos
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2243
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-41390 is associated with the following CWEs:

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

None

Dockerfile Makefile Shell Python Gnuplot Go TypeScript CSS JavaScript

Updated: 18 hours, 39 minutes ago
0 stars 0 fork 0 watcher
Born at : July 10, 2026, 8:46 a.m. This repo has been linked 1 different CVEs too.

None

HTML JavaScript

Updated: 11 hours, 47 minutes ago
0 stars 0 fork 0 watcher
Born at : July 9, 2026, 2:15 a.m. This repo has been linked 1 different CVEs too.

ftd

VBScript Batchfile Python PowerShell

Updated: 1 month ago
0 stars 0 fork 0 watcher
Born at : June 8, 2026, 8:44 p.m. This repo has been linked 1 different CVEs too.

None

Dockerfile Makefile Shell Gnuplot Go

Updated: 1 month, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : May 13, 2026, 1:30 p.m. This repo has been linked 1 different CVEs too.

Práctica de Puesta en Producción Segura sobre claves en Github

Updated: 2 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : April 20, 2026, 5:10 p.m. This repo has been linked 1 different CVEs too.

None

Dockerfile Makefile Shell Gnuplot Go

Updated: 4 months ago
0 stars 0 fork 0 watcher
Born at : March 9, 2026, 9 p.m. This repo has been linked 1 different CVEs too.

None

Dockerfile Makefile Shell Gnuplot Go

Updated: 5 months, 1 week ago
0 stars 0 fork 0 watcher
Born at : Feb. 1, 2026, 7:20 p.m. This repo has been linked 1 different CVEs too.

Templates pre-configure your repository with files. Include all branches If enabled, all branches from the template repository will be included.

Dockerfile Makefile Shell Gnuplot Go

Updated: 5 months, 1 week ago
1 stars 1 fork 1 watcher
Born at : Jan. 29, 2026, 8:40 p.m. This repo has been linked 1 different CVEs too.

Find, verify, and analyze leaked credentials

Shell Go Gnuplot Makefile Dockerfile

Updated: 5 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : Jan. 22, 2026, 4:06 a.m. This repo has been linked 1 different CVEs too.

None

Dockerfile Makefile Shell Gnuplot Go

Updated: 5 months, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : Jan. 18, 2026, 4:01 a.m. This repo has been linked 1 different CVEs too.

Exposure intelligence for the AI-infrastructure layer — finds and weighs leaked credentials, MCP/agent configs, git-metadata secrets, and supply-chain risk, and tells you which exposures to trust. Active verification, orphan-signal triage, SARIF dedup. OWASP LLM + MITRE ATLAS tagged.

asyncio cli git-security llm-security mcp ml-security offensive-security pentesting python react2shell secret-detection security security-scanner supply-chain-security vulnerability-scanner ai-security credential-scanner mitre-atlas owasp-llm

Python

Updated: 1 month ago
3 stars 0 fork 0 watcher
Born at : Jan. 14, 2026, 4:45 a.m. This repo has been linked 3 different CVEs too.

None

Dockerfile Makefile Shell Go Gnuplot

Updated: 5 months, 3 weeks ago
2 stars 2 fork 2 watcher
Born at : Nov. 16, 2022, 6:22 p.m. This repo has been linked 1 different CVEs too.

Find, verify, and analyze leaked credentials

secret trufflehog credentials security devsecops dynamic-analysis security-tools secrets verification secret-management precommit scanning

Dockerfile Makefile Go Shell Gnuplot Python

Updated: 3 days, 6 hours ago
26984 stars 2432 fork 2432 watcher
Born at : Dec. 31, 2016, 5:08 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-41390 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2025-41390 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Jun. 17, 2026

    Action Type Old Value New Value
    Added Affected [{'vendor': 'Truffle Security Co.', 'product': 'TruffleHog', 'versions': [{'status': 'affected', 'version': '3.90.2'}]}]
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jun. 17, 2026

    Action Type Old Value New Value
    Added SSVC {'id': 'CVE-2025-41390', 'role': 'CISA Coordinator', 'options': [{'exploitation': 'poc'}, {'automatable': 'no'}, {'technicalImpact': 'total'}], 'version': '2.0.3', 'timestamp': '2025-10-20T14:38:23.855752Z'}
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 03, 2025

    Action Type Old Value New Value
    Added Reference https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2243
  • New CVE Received by [email protected]

    Oct. 20, 2025

    Action Type Old Value New Value
    Added Description An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability.
    Added CVSS V3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    Added CWE CWE-829
    Added Reference https://talosintelligence.com/vulnerability_reports/TALOS-2025-2243
    Added Reference https://trufflesecurity.com/blog/contributor-spotlight-adam-reiser-of-cisco-talos
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.