cve/CVE-2025-58357.md at b99156590a6b0c1cf0b374aa41887d37143570c8

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP servers, and exploited tool integrations. This is fixed in version 0.14.0.

POC

Reference

https://github.com/nanbingxyz/5ire/security/advisories/GHSA-8527-3cch-95gf

Github

No PoCs found on GitHub currently.

1009 B Raw Blame History

CVE-2025-58357

Description

POC

Reference

Github

1009 B

Raw Blame History