PT-2025-35861 · 5Ire · 5Ire
Jackfromeast
·
Published
2025-09-04
·
Updated
2026-05-23
·
CVE-2025-58357
CVSS v3.1
9.6
Critical
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
5ire versions prior to 0.14.0
Description
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. A flaw in the chat page's script gadgets allows content injection attacks. This can be achieved through several vectors, including malicious prompt injection pages, compromised MCP servers, and exploited tool integrations.
Recommendations
Update to version 0.14.0.
Exploit
Fix
RCE
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
5Ire