PT-2026-3863 · 5Ire · 5Ire

C2An1 · Published 2026-01-21 · Updated 2026-01-22 · CVE-2026-22792

CVSS v3.1: 9.6
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
5ire versions prior to 0.15.3

Description
5ire is a cross-platform desktop artificial intelligence assistant and Model Context Protocol (MCP) client. Prior to version 0.15.3, unsafe HTML rendering allows untrusted HTML, including on* event attributes, to execute within the renderer context. An attacker can inject an <img onerror=...> payload to execute arbitrary JavaScript in the renderer. This JavaScript can call exposed bridge APIs, such as window.bridge.mcpServersManager.createServer, potentially leading to unauthorized creation of MCP servers and remote command execution.

Recommendations
Update to version 0.15.3 or later.
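
A triage check a defender could run over untrusted content to spot on* event attributes such as the <img onerror=...> case described above, with output encoding as the neutralizing step. This is an added example, not 5ire's code or its 0.15.3 fix; the function names and sample strings are constructed, and the regex scan is a heuristic for review, not a sanitizer.

```javascript
// Added example (not 5ire code). Heuristic triage scan, not an HTML sanitizer.

// Start tag: element name, then attribute text in which quoted values may contain '>'.
const START_TAG = /<([a-zA-Z][^\s\/>]*)((?:"[^"]*"|'[^']*'|[^>"'])*)>/g;
// One attribute: a name, optionally followed by '=' and a quoted or bare value.
const ATTRIBUTE = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+))?/g;

// Return every on* event-handler attribute found inside start tags of `html`.
function findEventHandlerAttributes(html) {
  const findings = [];
  for (const tag of html.matchAll(START_TAG)) {
    for (const attr of tag[2].matchAll(ATTRIBUTE)) {
      const name = attr[1].toLowerCase(); // attribute names are case-insensitive
      if (/^on[a-z]+$/.test(name)) {
        findings.push({ tag: tag[1].toLowerCase(), attribute: name });
      }
    }
  }
  return findings;
}

// Output encoding: once escaped, markup is displayed as text instead of parsed.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Constructed sample inputs; handler bodies are deliberately elided.
const SAMPLES = [
  'Plain answer that mentions the onerror attribute in prose.',
  '<p class="note">one <b>bold</b> word</p>',
  '<IMG SRC="x.png" OnError="/* handler body elided */">',
  '<a title="a > b" onclick=\'/* elided */\' href="#">link</a>',
];

// Scan each sample; only the last two contain event-handler attributes.
function scanSamples() {
  return SAMPLES.map((sample) => findEventHandlerAttributes(sample));
}

console.log(JSON.stringify(scanSamples()));
```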

Exploit

Fix

RCE

Improper Encoding or Escaping of Output

Weakness Enumeration

Related Identifiers

CVE-2026-22792
GHSA-P5FM-WM8G-RFFX

Affected Products

5Ire