CVE Catalog
CVE-2026-11968
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk0.12%
3th percentile — higher than 3% of all known CVEs
Summary
TortoiseGitBlame is vulnerable to argument injection via malicious Git history filenames, leading to arbitrary file write in TortoiseGit.
Risk Assessment
This vulnerability could allow attackers to modify or delete files on the system, potentially leading to data loss or system integrity issues.
Recommendation
It is recommended to update TortoiseGit to the latest version to mitigate this vulnerability and implement controls over Git history filenames.
Original NVD description (English source)
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit

