CVE-2026-11968

EUVD-2026-38733
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit
Argument Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://gitlab.com/tortoisegit/tortoisegit/-/commit/7052e3ef61cd104f8a90fb3dcdfb403cbc8c1773
https://tortoisegit.org/issue/4269