PT-2025-48125 · Caido · Caido

Published: 2025-11-26 · Updated: 2025-11-26

CVE-2025-66025

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Caido versions prior to 0.53.0

Description: Caido, a web security auditing toolkit, had a flaw in its Markdown renderer used on the Findings page. This flaw allowed attacker-controlled links to be rendered without confirmation when processing user-supplied Markdown. Clicking these injected links could redirect the Caido application to a domain controlled by an attacker, potentially enabling phishing attacks.

Recommendations: Update to version 0.53.0 or later.

Exploit

Fix

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2025-66025
GHSA-CF52-H5MW-GMC2

Affected Products

Caido