CVE-2025-5962

Name of the Vulnerable Software and Affected Versions Lightspeed (affected versions not specified)

Description A flaw exists in the Lightspeed history service due to insufficient access controls. A local, unprivileged user can access and manipulate the chat history of another user on the same system. An attacker can view, delete, or inject arbitrary history entries, potentially deceiving another user into executing harmful actions through social engineering, leading to privilege misuse or unauthorized command execution. The issue involves abusing inter-process communication calls to the history service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.