2 matches found
CVE-2025-54374
Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...
CVE-2025-54374
CVE-2025-54374 affects the Eidos framework for Personal Data Management, specifically versions ≤ 0.21.0. The underlying issue is a one-click remote code execution via the custom URL handler (eidos:). An attacker can embed a specially crafted eidos: URL on any website (including ones under their c...