CVE-2025-46835
HIGHDescription
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Is your site exposed to CVE-2025-46835?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-46835? +
How severe is CVE-2025-46835? +
How do I check if I'm vulnerable to CVE-2025-46835? +
Related Vulnerabilities
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before …
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior …
XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or MSVC), the command …
Easywall 0.3.1 allows authenticated remote command execution via a command injection vulnerability in the /ports-save endpoint that suffers from a …
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution …
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, …