CVE-2025-51387 Information
Aug 05, 2025
cve
Description
The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be executed in Node.js mode enabling attackers to pass arguments that result in arbitrary code execution.
Reference
https://github.com/r3ggi/electroniz3r https://packetstorm.news/files/id/207677 https://www.electronjs.org/blog/statement-run-as-node-cves#mitigation
Related CNNVD
CNNVD-202508-261 (Published: 2025-08-04)
Share on: