Untrusted search path in Git - CVE-2025-46334

Published: July 9, 2025


Vulnerability identifier: #VU112644
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2025-46334
CWE-ID: CWE-426
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Git
Affected software:
Git

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to the use of an untrusted search path in Git GUI on Windows. A malicious repository can ship its own versions of sh.exe or of typical textconv filter programs such as astextplain. On Windows, executable path lookup can find such files in the worktree. These programs are invoked when the user selects "Git Bash" or "Browse Files" from the menu.

Note: the vulnerability affects Windows installations only.
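The following is an added defender-side example and is not Git's code; it does not reproduce the Git GUI behaviour. It shows two checks a practitioner may want around the issue described above: a scan that flags files in a checked-out worktree whose names would satisfy a Windows lookup for the helper programs the advisory names (sh, astextplain), and a lookup routine that resolves a helper only against an explicit list of trusted directories rather than the current directory. The extension list mirrors a typical Windows PATHEXT and is an assumption; the sample tree is constructed in a temporary directory so the script runs offline on any platform.

```python
"""Defender-side checks for the untrusted-search-path issue (CVE-2025-46334).

Added example, not Git's own code. It (1) flags worktree files whose
names would shadow the helper programs Git GUI launches, and (2) shows
the lookup rule a caller should use instead of CWD-relative resolution.
"""
import os
import tempfile
from pathlib import Path

# Helper names taken from the advisory; the suffix list mirrors a typical
# Windows PATHEXT (assumption: the real PATHEXT on a host may differ).
WATCHED_NAMES = ("sh", "astextplain")
WIN_EXEC_SUFFIXES = ("", ".exe", ".cmd", ".bat", ".com")


def shadow_candidates(names=WATCHED_NAMES, suffixes=WIN_EXEC_SUFFIXES):
    """Lower-cased file names that would satisfy a Windows lookup for each
    watched program (e.g. 'sh' -> sh, sh.exe, sh.cmd, sh.bat, sh.com)."""
    return {f"{n}{s}".lower() for n in names for s in suffixes}


def find_shadowing_files(worktree):
    """Walk a checked-out worktree and return the relative POSIX paths of
    files whose name matches a watched helper. Matching is case-insensitive
    because Windows filesystems are. The .git directory is skipped: the
    concern is content a repository can ship in the checkout itself."""
    worktree = Path(worktree)
    wanted = shadow_candidates()
    hits = []
    for root, dirs, files in os.walk(worktree):
        dirs[:] = [d for d in dirs if d.lower() != ".git"]
        for f in files:
            if f.lower() in wanted:
                hits.append((Path(root) / f).relative_to(worktree).as_posix())
    return sorted(hits)


def resolve_trusted(program, trusted_dirs, suffixes=WIN_EXEC_SUFFIXES):
    """Resolve `program` only against an explicit list of trusted directories,
    never the current directory or the repository. Returns the absolute path
    or None. Pinning the search path this way is what defeats worktree
    shadowing: a file named sh.exe in the checkout is never a candidate."""
    for d in trusted_dirs:
        for s in suffixes:
            candidate = Path(d) / f"{program}{s}"
            if candidate.is_file():
                return str(candidate.resolve())
    return None


def build_demo_tree():
    """Constructed sample: a worktree shipping two shadowing files plus a
    separate 'installation' directory holding the legitimate helper."""
    base = Path(tempfile.mkdtemp(prefix="cve-2025-46334-demo-"))
    wt = base / "repo"
    (wt / "tools").mkdir(parents=True)
    (wt / ".git").mkdir()
    (wt / "SH.EXE").write_bytes(b"")                 # would shadow sh.exe
    (wt / "tools" / "astextplain.cmd").write_bytes(b"")  # would shadow astextplain
    (wt / "README.md").write_text("benign content")
    install = base / "git-install" / "usr" / "bin"   # hypothetical trusted dir
    install.mkdir(parents=True)
    (install / "sh.exe").write_bytes(b"")
    return wt, install


if __name__ == "__main__":
    wt, install = build_demo_tree()
    print("shadowing files in worktree:", find_shadowing_files(wt))
    print("sh resolved from trusted dir:", resolve_trusted("sh", [install]))
    print("astextplain from trusted dir:", resolve_trusted("astextplain", [install]))
```

In a pre-merge or pre-checkout hook, a non-empty result from `find_shadowing_files` is a reasonable signal to review the repository before opening it in Git GUI on Windows; the `resolve_trusted` pattern is the discipline any launcher should follow when it spawns helpers from a directory it does not control.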
How to mitigate CVE-2025-46334

Install updates from vendor's website.

Sources