CVE-2026-14722

Summary

A vulnerability was found in tiddly-gittly TidGi-Desktop up to 0.13.0. This impacts an unknown function of the file src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts of the component Git Repository Import. The manipulation results in code injection. The attack may be performed from remote. The exploit has been made public and could be used.

Affected Software

VendorProductVersion RangeStatus
tiddly-gittlyTidGi-Desktop0.1affected
tiddly-gittlyTidGi-Desktop0.2affected
tiddly-gittlyTidGi-Desktop0.3affected
tiddly-gittlyTidGi-Desktop0.4affected
tiddly-gittlyTidGi-Desktop0.5affected
tiddly-gittlyTidGi-Desktop0.6affected
tiddly-gittlyTidGi-Desktop0.7affected
tiddly-gittlyTidGi-Desktop0.8affected
tiddly-gittlyTidGi-Desktop0.9affected
tiddly-gittlyTidGi-Desktop0.10affected
tiddly-gittlyTidGi-Desktop0.11affected
tiddly-gittlyTidGi-Desktop0.12affected
tiddly-gittlyTidGi-Desktop0.13.0affected

Weaknesses

  • CWE-94: Code Injection
  • CWE-74: Injection

References