CVE-2025-46334 | Git GUI Operational Intel

Executive Risk Summary

"A malicious repository can exploit a vulnerability in Git GUI, allowing it to execute arbitrary code by shipping malicious versions of sh.exe or typical textconv filter programs. This vulnerability is fixed in various Git GUI versions, including 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1."

Operational Audit Arsenal

Target Type Executable

Target Asset sh.exe

Standard Path %CD%

PowerShell

# 🛠️ Senior Engineer Universal Audit
# Target: sh.exe (Executable)
$Targets = 'sh.exe'
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")

Get-ChildItem -Path $SearchPaths -Include $Targets -Recurse -ErrorAction SilentlyContinue | 
Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}