The host is installed with Git before 2.39.2 or Visual Studio 2017 or 2019 or 2022 and is prone to an untrusted search path vulnerability. A flaw is present in the application, which fails to handle an issue in `gitk` component. Successful exploitation allows attackers to potentially run executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code.