3 matches found
CVE-2026-43899 DeepChat: Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl`
DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution bypass RCE. While the patch correctly restricted...
Proton 安全漏洞
Proton is an independent application developed by Steventhanna’s developer, which uses Electron to quickly preview and edit Markdown files. Versions of Proton prior to 1.6.16 have security vulnerabilities; these vulnerabilities stem from out-of-bound writing, which may lead to issues with the...
The vulnerability of the Electron application development software platform arises from access control errors, which allow a hacker to execute arbitrary code.
The vulnerability of the Electron application development software platform stems from access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted iframe element...