{"data":{"id":"eb0f2564-e0a1-4f46-afd9-d45bf1bf867a","title":"CVE-2025-58357: 5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 con","summary":"5ire version 0.13.2, a desktop AI assistant and model context protocol client (software that lets AI models interact with external tools), contains a vulnerability that allows content injection attacks (inserting malicious code into web pages) through multiple routes including malicious prompts, compromised servers, and exploited tool connections. This vulnerability is fixed in version 0.14.0.","solution":"Update to version 0.14.0, which contains the fix for this vulnerability.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-58357","publishedAt":"2025-09-04T10:42:32.810Z","cveId":"CVE-2025-58357","cweIds":["CWE-79"],"cvssScore":"9.6","cvssSeverity":"critical","severity":"critical","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["5ire"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00075,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-198","CAPEC-86"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}