Zlatinb

**Name of the Vulnerable Software and Affected Versions** MuWire versions prior to 0.8.8 **Description** The issue allows an attacker to de-anonymize users of the MuWire desktop client by sending a message with a subject line containing a URL with an HTML image tag. When the MuWire client attempts to fetch the image via clearnet, it exposes the user's IP address. **Recommendations** For versions prior to 0.8.8, update to MuWire 0.8.8 to resolve the issue. As a temporary workaround, consider disabling the messaging functionality to prevent other users from sending malicious messages.