Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionGitHub Advisory
GitButler is a modern Git-based version control interface for AI-powered workflows. Prior to 0.19.7, a emote code execution vulnerability exists in the Tauri-based GitButler desktop application. An attacker can inject a malicious link in a pull request body, which if clicked by the user allows for arbitrary script execution in the Tauri webview. Users that have not enabled forge integration are not at risk. This vulnerability is fixed in 0.19.7.
AnalysisAI
Remote code execution in GitButler desktop application versions prior to 0.19.7 allows attackers to execute arbitrary scripts within the Tauri webview by injecting malicious links into pull request bodies. The flaw activates when a user with forge integration enabled clicks the crafted link, leading to full compromise of the desktop client context. No public exploit identified at time of analysis, though the GitHub Security Advisory GHSA-xpmj-536r-9fc6 publicly documents the issue.
Technical ContextAI
GitButler is a Git-based version control GUI built on the Tauri framework, which uses a system webview (WebKit on macOS, WebView2 on Windows, WebKitGTK on Linux) bridged to a Rust backend. CWE-94 (Improper Control of Generation of Code, i.e. Code Injection) here manifests because pull request body content rendered by GitButler's forge integration is not properly sanitized before being injected into the Tauri webview, allowing crafted hyperlinks to escape into executable script context. The CPE cpe:2.3:a:gitbutlerapp:gitbutler:*:*:*:*:*:*:*:* covers all GitButler versions prior to the 0.19.7 fix.
RemediationAI
Upgrade to GitButler 0.19.7 or later, which is the vendor-released patch containing the fix as documented in GHSA-xpmj-536r-9fc6 (https://github.com/gitbutlerapp/gitbutler/security/advisories/GHSA-xpmj-536r-9fc6). If immediate patching is not feasible, disable forge integration in GitButler as a compensating control - the vendor confirms users without forge integration enabled are not vulnerable; the trade-off is loss of pull request and remote repository UI features within the client. Until patched, instruct users to avoid clicking links in pull request bodies from untrusted contributors and to review PR content through a browser or other tooling instead.
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32944