CVE-2026-22793

Name of the Vulnerable Software and Affected Versions 5ire versions prior to 0.15.3

Description 5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. A flaw in the ECharts Markdown plugin allows any user capable of submitting ECharts code blocks to execute arbitrary JavaScript code within the renderer context. This can lead to Remote Code Execution (RCE) in environments where privileged APIs are accessible, potentially resulting in full compromise of the host system. The issue stems from an unsafe option parsing mechanism within the ECharts Markdown plugin.

Recommendations Update to version 0.15.3 to address the issue.