Product
An incomplete patch for CVE-2026-42215 in GitPython allows newline injection in the section parameter of the config_writer() function, enabling arbitrary .git/config modification and remote code execution via core.hooksPath.