CVE-2025-47777 5ire Client Vulnerable to Cross-Site Scripting (XSS) and Remote Code Execution (RCE)

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Versions prior to 0.11.1 are vulnerable to stored cross-site scripting in chatbot responses due to insufficient sanitization. This, in turn, can lead to Remote Code Execution RCE via unsafe...

PT-2025-21176 · Electron +1 · Electron +1

Name of the Vulnerable Software and Affected Versions: 5ire versions prior to 0.11.1 Description: The issue is related to stored cross-site scripting in chatbot responses due to insufficient sanitization, which can lead to Remote Code Execution RCE via unsafe Electron protocol handling and expose...