Security Vulnerability Report
CVE-2025-68669 CVSS 9.6 CRITICAL

Published: 2025-12-23 23:15:45
Last Modified: 2026-02-06 20:16:09

Description

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits the rendering of HTML tags within Mermaid diagram nodes. This issue has not been patched at time of publication.

CVSS Details

CVSS Score: 9.6
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:5ire:5ire:*:*:*:*:*:*:*:* - VULNERABLE
5ire < 0.15.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<div data-tag=""><img src=x onerror='alert(document.cookie)'></div>

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-68669", "sourceIdentifier": "[email protected]", "published": "2025-12-23T23:15:45.470", "lastModified": "2026-02-06T20:16:08.757", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits the rendering of HTML tags within Mermaid diagram nodes. This issue has not been patched at time of publication."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "baseScore": 9.6, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 6.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:5ire:5ire:*:*:*:*:*:*:*:*", "versionEndExcluding": "0.15.2", "matchCriteriaId": "C6B0601E-7CF5-474D-A57A-8771BBAF2BEC"}]}]}], "references": [{"url": "https://github.com/nanbingxyz/5ire/blob/c40d05a2b546094789fc727daa5383bb15034442/src/hooks/useMarkdown.ts#L156", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/nanbingxyz/5ire/commit/1fbe40d0bfbfe215370d45b9af856c286d67d3f2", "source": "[email protected]"}, {"url": "https://github.com/nanbingxyz/5ire/releases/tag/v0.15.2", "source": "[email protected]", "tags": ["Release Notes"]}, {"url": 
"https://github.com/nanbingxyz/5ire/security/advisories/GHSA-5hpf-p8fw-j349", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"url": "https://github.com/nanbingxyz/5ire/security/advisories/GHSA-5hpf-p8fw-j349", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"]}]}}