
17 matches found

Vulnrichment
added 2026/03/02 6:55 p.m., 2 views

CVE-2026-21853 AFFiNE: One-click Remote Code Execution through Custom URL Handling

AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...

8.8 CVSS, 6.6 AI score, 0.00288 EPSS
Exploits 1, References 3

GithubExploit
added 2026/01/31 4:7 p.m., 270 views

OpenClaw

🦞 Moltbot/Clawdbot 1-Click RCE PoC A simplified, single-scrip...

6.5 AI score
Exploits 0

RedhatCVE
added 2025/12/29 5:54 a.m., 1 views

CVE-2025-68952

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution (RCE) vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction (1-click). This issue has been...

9.3 CVSS, 8.1 AI score, 0.00248 EPSS
Exploits 0, References 1

NVD
added 2025/12/27 1:15 a.m., 1 views

CVE-2025-68952

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution (RCE) vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction (1-click). This issue has been...

9.8 CVSS, 0.00248 EPSS
Exploits 0, References 1

Cvelist
added 2025/10/10 7:50 p.m., 4 views

CVE-2025-61929 Cherry Studio allows one-click on a specific URL to cause a command to execute

Cherry Studio is a desktop client that supports multiple LLM providers. Cherry Studio registers a custom protocol called cherrystudio://. When handling the MCP installation URL, it parses the base64-encoded configuration data and directly executes the command within it. In the files...

9.6 CVSS, 0.00076 EPSS
Exploits 1, References 1

Vulnrichment
added 2025/10/10 7:50 p.m., 3 views

CVE-2025-61929 Cherry Studio allows one-click on a specific URL to cause a command to execute

Cherry Studio is a desktop client that supports multiple LLM providers. Cherry Studio registers a custom protocol called cherrystudio://. When handling the MCP installation URL, it parses the base64-encoded configuration data and directly executes the command within it. In the files...

9.6 CVSS, 6.6 AI score, 0.00076 EPSS
Exploits 1, References 1

EUVD
added 2025/10/03 8:0 p.m., 1 views

EUVD-2025-32374

Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...

8.8 CVSS, 7.4 AI score, 0.00354 EPSS
Exploits 1, References 1

OSV
added 2025/10/03 8:0 p.m., 1 views

CVE-2025-54374 Eidos: One-click Remote Code Execution through Custom URL Handling

Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...

8.8 CVSS, 7.9 AI score, 0.00354 EPSS
Exploits 1, References 3

Positive Technologies
added 2025/10/03 12:0 a.m., 2 views

PT-2025-40596

Name of the Vulnerable Software and Affected Versions: Eidos versions 0.21.0 and below. Description: Eidos is a framework for Personal Data Management. Versions 0.21.0 and below have a remote code execution issue. An attacker can trigger this by embedding a specially crafted eidos: URL on a website...

8.8 CVSS, 7.5 AI score, 0.00354 EPSS
Exploits 1, References 4

NVD
added 2025/09/08 8:15 p.m., 3 views

CVE-2025-53838

LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting (XSS) vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...

8.4 CVSS, 0.00078 EPSS
Exploits 1, References 2

NVD
added 2025/08/19 7:15 p.m., 5 views

CVE-2025-55733

DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they...

9.6 CVSS, 0.00473 EPSS
Exploits 1, References 2

Cvelist
added 2025/08/19 6:26 p.m., 9 views

CVE-2025-55733 DeepChat One-click Remote Code Execution through Custom URL Handling

DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they...

9.6 CVSS, 0.00473 EPSS
Exploits 1, References 2

NVD
added 2025/08/11 6:15 p.m., 1 views

CVE-2025-54063

Cherry Studio is a desktop client that supports multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on a...

9.6 CVSS, 0.0055 EPSS
Exploits 1, References 3

Talos Blog
added 2023/05/25 12:2 p.m., 102 views

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

We would like to thank The Citizen Lab for their cooperation, support and inputs into this research. Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a...

7.2 CVSS, 8.4 AI score, 0.63336 EPSS
Exploits 4

The Hacker News
added 2022/09/01 7:13 a.m., 51 views

Microsoft Discover Severe 'One-Click' Exploit for TikTok Android App

Microsoft on Wednesday disclosed details of a now-patched "high severity vulnerability" in the TikTok app for Android that could let attackers take over accounts when victims clicked on a malicious link. "Attackers could have leveraged the vulnerability to hijack an account without users' awarene...

8.8 CVSS, 8.6 AI score, 0.02669 EPSS
Exploits 0

GithubExploit
added 2022/05/31 10:47 a.m., 345 views

Exploit for CVE-2022-30190

Follina Proof of Concept CVE-2022-30190 Quick and easy "pro...

9.3 CVSS, 8.6 AI score, 0.93596 EPSS
Exploits 61

The Hacker News
added 2019/02/18 9:22 a.m., 134 views

How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link

It's 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have...

1.3 AI score
Exploits 0