CVE-2025-55996

MEDIUM

Viber < 25.6.0 - HTML Injection via Message Compose/Forward Text Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-55996. PoCs published by thawkhant.

AI-analyzed exploit summary This repository contains a writeup for CVE-2025-55996, detailing an HTML injection vulnerability in Viber Desktop's deep-link handler. The vulnerability allows unsanitized HTML rendering in the message compose/forward interface, enabling remote resource loading and UI manipulation.

Description

Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface

Exploits (1)

nomisec WRITEUP 1 stars

by thawkhant · poc

https://github.com/thawkhant/viber-desktop-html-injection

View Code ZIP pw:eip

This repository contains a writeup for CVE-2025-55996, detailing an HTML injection vulnerability in Viber Desktop's deep-link handler. The vulnerability allows unsanitized HTML rendering in the message compose/forward interface, enabling remote resource loading and UI manipulation.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Viber Desktop 25.6.0 (and possibly earlier)

No auth needed

Prerequisites: User interaction to click a crafted deep link

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory

https://github.com/thawkhant/viber-desktop-html-injection

Scores

CVSS v3 6.3

EPSS 0.0018

EPSS Percentile 7.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

rakuten/viber < 25.6.0

Published Sep 12, 2025

Tracked Since Feb 18, 2026