AVID-2026-R1709

Description

5ire Client Vulnerable to Cross-Site Scripting (XSS) and Remote Code Execution (RCE) (CVE-2025-47777)

Details

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Versions prior to 0.11.1 are vulnerable to stored cross-site scripting in chatbot responses due to insufficient sanitization. This, in turn, can lead to Remote Code Execution (RCE) via unsafe Electron protocol handling and exposed Electron APIs. All users of 5ire client versions prior to patched releases, particularly those interacting with untrusted chatbots or pasting external content, are affected. Version 0.11.1 contains a patch for the issue.

Reason for inclusion in AVID: CVE-2025-47777 describes a stored XSS and RCE in the 5ire desktop AI assistant client (Electron-based). This is a software vulnerability in a component used to interact with AI systems, potentially exploited in AI workflows; it affects software used in AI tooling and deployment, thus a software supply-chain vulnerability in AI stacks. Evidence includes CVE text, description, and patch info.

References

• NVD entry
• https://github.com/nanbingxyz/5ire/security/advisories/GHSA-mr8w-mmvv-6hq8
• https://github.com/nanbingxyz/5ire/commit/56601e012095194a4be0d4cb6da6b5b3cb53dea8
• https://positive.security/blog/url-open-rce
• https://shabarkin.notion.site/1-click-RCE-in-Electron-Applications-501c2e96e7934610979cd3c72e844a22
• https://www.electronjs.org/docs/latest/tutorial/security
• https://www.youtube.com/watch?v=ROFYhS9E9eU

Affected or Relevant Artifacts

• Developer: nanbingxyz
• Deployer: nanbingxyz
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2025-05-14
• Version: 0.3.3
• AVID Entry