CVE-2025-69443

Name of the Vulnerable Software and Affected Versions Archon OS (affected versions not specified)

Description A flaw in the local API handling allows unauthenticated attackers to perform a web-to-client attack. By inducing a user to visit a malicious website, an attacker can bypass Cross-Origin Resource Sharing (CORS)—a security mechanism that restricts resources on a webpage from being requested from another domain—to trigger unauthorized local commands. This can lead to full Remote Code Execution (RCE) and complete system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.