CVE-2025-47777
Severity: CRITICAL
5ire < 0.11.1 - Stored Cross-Site Scripting and Remote Code Execution via Electron Protocol Handling
Title source: llmDescription
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Versions prior to 0.11.1 are vulnerable to stored cross-site scripting in chatbot responses due to insufficient sanitization. This, in turn, can lead to Remote Code Execution (RCE) via unsafe Electron protocol handling and exposed Electron APIs. All users of 5ire client versions prior to patched releases, particularly those interacting with untrusted chatbots or pasting external content, are affected. Version 0.11.1 contains a patch for the issue.
References (6)
Vendor Advisory (x_refsource_confirm): https://github.com/nanbingxyz/5ire/security/advisories/GHSA-mr8w-mmvv-6hq8
Patch (x_refsource_misc): https://github.com/nanbingxyz/5ire/commit/56601e012095194a4be0d4cb6da6b5b3cb53dea8
Not Applicable (x_refsource_misc): https://positive.security/blog/url-open-rce
Not Applicable (x_refsource_misc): https://shabarkin.notion.site/1-click-RCE-in-Electron-Applications-501c2e96e7934610979cd3c72e844a22
Not Applicable (x_refsource_misc): https://www.electronjs.org/docs/latest/tutorial/security
Exploit (x_refsource_misc): https://www.youtube.com/watch?v=ROFYhS9E9eU
Scores
CVSS v3 base score: 9.6
EPSS: 0.0080
EPSS Percentile: 51.9%
Attack Vector: NETWORK
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CISA SSVC (source: Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-20 (Improper Input Validation), CWE-79 (Improper Neutralization of Input During Web Page Generation, 'Cross-site Scripting')
Status: published
Products (1): 5ire/5ire < 0.11.1
Published: May 14, 2025
Tracked Since: Feb 18, 2026