9 matches found
CVE-2025-55204
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...
CVE-2025-55204
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...
CVE-2025-55204 muffon has One-click Remote Code Execution via XSS and Custom URL Handling
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...
CVE-2025-55204 muffon has One-click Remote Code Execution via XSS and Custom URL Handling
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...
EUVD-2025-206240
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...
CVE-2025-55204 muffon has One-click Remote Code Execution via XSS and Custom URL Handling
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...
CVE-2025-55204
The CVE-2025-55204 entry concerns the Muffon desktop music client. Affected versions are prior to 2.3.0, where a one-click Remote Code Execution (RCE) vulnerability exists via a specially crafted muffon:// link. When a user visits a page or clicks the link, Muffon’s custom URL handler is triggere...
muffon 代码注入漏洞
muffon is a music playback software by Aleksey Shpakovsky Personal Developer. A code injection vulnerability exists in muffon versions prior to 2.3.0, which stems from mishandling of specially crafted muffon links that could lead to remote code execution...
PT-2026-1311
Name of the Vulnerable Software and Affected Versions muffon versions prior to 2.3.0 Description muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a Remote Code Execution RCE issue. An attacker can exploit this by embedding a specially crafted muffon://...