CVE Catalog

CVE-2026-11968

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

3th percentile — higher than 3% of all known CVEs

Summary

TortoiseGitBlame is vulnerable to argument injection via malicious Git history filenames, leading to arbitrary file write in TortoiseGit.

Risk Assessment

This vulnerability could allow attackers to modify or delete files on the system, potentially leading to data loss or system integrity issues.

Recommendation

It is recommended to update TortoiseGit to the latest version to mitigate this vulnerability and implement controls over Git history filenames.

Original NVD description (English source)

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit

Vulnerability data from NVD (NIST) · CISA KEV · EPSS