Vendor
A critical remote code execution (RCE) vulnerability exists in TidGi Desktop through version 0.13.0, allowing attackers to execute arbitrary code with full Node.js access by tricking victims into importing a specially crafted TiddlyWiki Git repository, leveraging the automatic execution of 'startup' modules during the wiki boot sequence.