repomix CLI Command Injection (RCE) via --remote-branch (CVE-2026-49987)
The `repomix` CLI tool is vulnerable to command injection (CVE-2026-49987) via unsanitized user input in the `--remote-branch` argument, allowing attackers to inject arbitrary `git` command-line options like `--upload-pack` and achieve remote code execution with the privileges of the running user, potentially leading to CI/CD pipeline compromise.
The repomix CLI tool, a utility for managing repositories, contains a critical command injection vulnerability (CVE-2026-49987) in versions prior to 1.14.1. Discovered by Abhijith S. (@kakashi-kx), this flaw stems from improper handling of the --remote-branch argument within the src/core/git/gitCommand.ts file. User-controlled input for --remote-branch is passed directly to git fetch and git checkout subprocesses via child_process.execFileAsync without proper sanitization or the use of -- positional delimiters. This allows an attacker to inject arbitrary git command-line options, notably --upload-pack, alongside SSH or local remote URLs. The vulnerability effectively bypasses an existing dangerousParams blocklist designed to prevent such attacks, as this validation was not applied to the remoteBranch parameter. Successful exploitation grants remote code execution capabilities, enabling an attacker to compromise systems running repomix with the privileges of the executing user, making CI/CD environments a significant target.
Attack Chain
- An attacker invokes the
repomixCLI tool, likely through a script or automated process. - The attacker supplies a specially crafted
--remote-branchargument, for example,--upload-pack=/tmp/malicious-pack, to inject malicious options into thegitcommand. repomix'sexecGitShallowClonefunction insrc/core/git/gitCommand.tsis called internally.- The malicious
--remote-branchargument, containing the injected--upload-packoption, is passed unsanitized todeps.execFileAsyncwhich executesgit fetch. - The
gitprocess interprets--upload-pack=/tmp/malicious-packas a valid argument to specify an alternate program forupload-packoperations. gitattempts to invoke the attacker-controlled binary or script, such as/tmp/malicious-pack, as part of its transport helper process.- The
/tmp/malicious-packscript executes arbitrary commands (e.g.,id >> /tmp/repomix-pwned.txt) on the compromised system. - Remote Code Execution is achieved, allowing the attacker to run commands with the privileges of the user who executed
repomix.
Impact
The primary impact of CVE-2026-49987 is remote code execution (RCE) on the system where repomix is executed. This grants attackers complete system compromise capabilities with the privileges of the running user. A significant concern is the potential compromise of CI/CD environments; if repomix is used in automated pipelines and its --remote-branch parameter is populated by external or untrusted triggers (e.g., webhook payloads, pull request titles), attackers can leverage this vulnerability to gain control of build servers. This could lead to exfiltration of sensitive data, deployment of malicious code, or further lateral movement within an organization's infrastructure.
Recommendation
- Update
repomixto version 1.14.1 or later immediately to patch CVE-2026-49987. - Deploy the provided Sigma rule to detect
gitprocess creation with suspicious--upload-packarguments. - Ensure
process_creationlogging for Linux systems is enabled and configured to capture command-line arguments to activate the detection rule. - Review any CI/CD pipelines or automated workflows that utilize
repomixand where the--remote-branchparameter might be populated by untrusted or external input.
Detection coverage 1
Detect CVE-2026-49987 Exploitation - Git --upload-pack Injection
highDetects CVE-2026-49987 exploitation - `git` process creation with a suspicious `--upload-pack` argument, indicating command injection through `repomix`.
Detection queries are available on the platform. Get full rules →