CVE-2023-46944

HIGH

GitKraken GitLens < 14.0.0 - Remote Code Execution via Workspace Trust Component

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-46944. PoCs published by h00die, Paul Gerste, including Metasploit module exploits/multi/fileformat/gitlens_local_config_exec.

AI-analyzed exploit summary: This Metasploit module exploits CVE-2023-46944 in GitLens by crafting a malicious Git repository with a .git/config file that executes arbitrary commands via the fsmonitor setting. The exploit generates a ZIP archive containing the malicious repository, which, when opened in VSCode with GitLens, triggers command execution.
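A pre-open check for the condition described above, added here as an example (it is not part of this page's source or of the Metasploit module): it walks an unpacked archive or checkout and reports any Git config whose `core.fsmonitor` names a program instead of a boolean. The function names and the sample config are constructed for illustration, and only the `fsmonitor` setting named on this page is inspected.

```python
import re
import sys
from pathlib import Path

SECTION = re.compile(r'^\[\s*([A-Za-z0-9.-]+)(?:\s+"((?:[^"\\]|\\.)*)")?\s*\]')
ENTRY = re.compile(r'^([A-Za-z][A-Za-z0-9-]*)\s*(?:=\s*(.*))?$')
BOOLEANS = {"", "true", "false", "yes", "no", "on", "off"}

# Constructed sample: a repository config whose fsmonitor points at a program.
SAMPLE_CONFIG = """[core]
\trepositoryformatversion = 0
\tbare = false
\tfsmonitor = "/tmp/constructed-placeholder.sh"
[remote "origin"]
\turl = https://example.invalid/repo.git
"""

def fsmonitor_commands(config_text):
    """Return core.fsmonitor values that name a program rather than a boolean."""
    section, hits = None, []
    for raw in config_text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:  # Git also allows a key on the same line as the header
            section = m.group(1).lower()
            line = line[m.end():].strip()
        if not line or line[0] in "#;":
            continue
        m = ENTRY.match(line)
        if m and section == "core" and m.group(1).lower() == "fsmonitor":
            # Inline comments are not stripped, so a commented boolean is
            # reported too: the check errs toward flagging.
            value = (m.group(2) or "").strip().strip('"')
            if value.lower() not in BOOLEANS and not value.isdigit():
                hits.append(value)
    return hits

def scan_tree(root):
    """Map each Git config file under root to the fsmonitor programs it sets."""
    findings = {}
    for cfg in Path(root).rglob("config"):
        if ".git" in cfg.parts and cfg.is_file():
            hits = fsmonitor_commands(cfg.read_text(errors="replace"))
            if hits:
                findings[str(cfg)] = hits
    return findings

if __name__ == "__main__":
    for path, values in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{path}: core.fsmonitor -> {values}")
```

Run it against the directory an archive was extracted into before opening that directory in an editor; any reported path deserves manual review.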

Description

An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Code workspace trust component.

Exploits (1)

metasploit WORKING POC EXCELLENT
by h00die, Paul Gerste · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/fileformat/gitlens_local_config_exec.rb

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: GitKraken GitLens before v14.0.0
No auth needed
Prerequisites: Victim must open the malicious repository in VSCode with GitLens installed
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.8
EPSS 0.0124
EPSS Percentile 65.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
gitkraken/gitlens < 14.0.0
Published Nov 28, 2023
Tracked Since Feb 18, 2026