CVE-2025-46835 is a high-severity vulnerability affecting the j6t git-gui tool, which provides a graphical user interface for Git source control management. The vulnerability is classified under CWE-88, indicating improper neutralization of argument delimiters in a command, commonly known as argument injection. This flaw arises when a user clones an untrusted repository and is tricked into editing a file located within a maliciously named directory in that repository. Due to insufficient sanitization of directory names, git-gui can be manipulated to create or overwrite arbitrary files for which the user has write permissions. This occurs because the malicious directory name can inject command arguments that alter the intended file operations, leading to unauthorized file creation or overwriting. The vulnerability affects multiple versions of git-gui prior to fixed releases, specifically versions before 2.43.7 and several incremental versions up to 2.50.1, where patches have been applied. The CVSS v3.1 base score is 8.5, reflecting a high severity with the vector AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L. This means the attack requires local access (local vector), low attack complexity, no privileges required, but user interaction is necessary. The scope is changed, indicating that the vulnerability can affect resources beyond the initially vulnerable component. The impact on confidentiality and integrity is high, with limited impact on availability. No known exploits are currently reported in the wild. The vulnerability is significant because it enables an attacker to leverage user interaction with malicious repositories to perform unauthorized file operations, potentially leading to code execution or data tampering within the context of the user's permissions.

For European organizations, this vulnerability poses a substantial risk, especially for development teams and environments that use git-gui for source control management. Since git-gui is a common tool for interacting with Git repositories, organizations that clone repositories from untrusted or external sources could be exposed to maliciously crafted repositories designed to exploit this flaw. The ability to create or overwrite files arbitrarily can lead to unauthorized code injection, backdoors, or tampering with critical configuration files, potentially compromising the integrity and confidentiality of software projects. This risk is heightened in collaborative environments where developers frequently pull from external or third-party repositories. Additionally, the vulnerability requires user interaction, meaning social engineering or phishing tactics could be employed to trick users into opening malicious repositories. The impact on availability is low but the high impact on confidentiality and integrity could lead to data breaches, intellectual property theft, or supply chain compromises. European organizations in sectors such as finance, technology, and critical infrastructure, which rely heavily on secure software development practices, could face significant operational and reputational damage if exploited.

To mitigate this vulnerability, European organizations should immediately upgrade git-gui to the fixed versions 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, or 2.50.1, depending on their current version. Beyond patching, organizations should implement strict policies to restrict cloning and editing of repositories only from trusted sources. Employing repository scanning tools that detect suspicious or malicious directory names before allowing cloning can reduce risk. User training is critical to raise awareness about the dangers of cloning untrusted repositories and recognizing social engineering attempts. Additionally, running git-gui in restricted environments or containers with limited file system permissions can minimize the impact of potential exploitation. Monitoring file system changes and employing integrity verification tools on development machines can help detect unauthorized file modifications early. Finally, integrating secure software development lifecycle (SDLC) practices that include code review and repository vetting will further reduce exposure to such threats.