CVE-2026-22792 · CRITICAL 9.6 · EPSS p48.8%

Description

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, unsafe HTML rendering permits untrusted HTML (including on* event attributes) to execute in the renderer context. An attacker can inject an `<img onerror=...>` payload to run arbitrary JavaScript in the renderer, which can call exposed bridge APIs such as `window.bridge.mcpServersManager.createServer`. This enables unauthorized creation of MCP servers and can lead to remote command execution. Version 0.15.3 fixes the issue.

Scoring

CVSS 3.1: 9.6 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS: 0.71% probability of exploitation · percentile 48.8% · 2026-06-19T12:03:05Z
Published: 2026-01-21
Last modified: 2026-01-29

Underlying weaknesses · 1

CWE-116

References

  1. https://github.com/nanbingxyz/5ire/releases/tag/v0.15.3
  2. https://github.com/nanbingxyz/5ire/security/advisories/GHSA-p5fm-wm8g-rffx

Type      Target                                              Confidence  Tier
Weakness  Improper Encoding or Escaping of Output (cwe-116)   0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2026-22793
CVE: CVE-2025-58357
CVE: CVE-2025-47777
CVE: CVE-2025-68669
CVE: CVE-2025-66222
CVE: CVE-2025-67744

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.