Description
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe HTML rendering path permits untrusted HTML (including on* event attributes) to execute in the renderer context. An attacker can inject an `<img onerror=...>` payload to run arbitrary JavaScript in the renderer, which can call exposed bridge APIs such as `window.bridge.mcpServersManager.createServer`. This enables unauthorized creation of MCP servers and can lead to remote command execution. Version 0.15.3 fixes the issue.
Published: 2026-01-21
Score: 9.7 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Apply Patch
AI Analysis

Impact

An unsafe HTML rendering path in 5ire allows untrusted HTML—including event handler attributes—to be executed in the renderer process. By injecting a payload such as `<img onerror=...>`, an attacker can run arbitrary JavaScript. This JavaScript can call exposed bridge APIs like `window.bridge.mcpServersManager.createServer`, enabling the attacker to create new MCP servers and ultimately execute remote commands on the host system.
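As an added defensive example (not 5ire's code and not the vendor's fix), this is the fail-closed shape a renderer-side HTML sanitiser should take for the rendering path described above: untrusted HTML is rebuilt from an allowlist, so every on* handler and every non-http(s) URL is dropped before the string reaches innerHTML, and anything that does not tokenise cleanly is emitted as escaped text. The tag and attribute allowlists are illustrative assumptions.

```javascript
// Added example (not 5ire's code): allowlist sanitiser for untrusted HTML that
// must be rendered in an Electron renderer. Unknown tags are dropped, every
// attribute not on the allowlist (so every on* handler) is dropped, URL
// attributes must be absolute http(s), and text between tags is always
// escaped, so a mis-tokenised fragment fails closed as inert text.
// Tag/attribute lists are illustrative assumptions.
const ALLOWED_TAGS = new Set(["p", "br", "b", "i", "em", "strong", "code", "pre",
                              "ul", "ol", "li", "a", "img"]);
const ALLOWED_ATTRS = { a: new Set(["href", "title"]), img: new Set(["src", "alt"]) };
const URL_ATTRS = new Set(["href", "src"]);
const TAG_RE = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)([^>]*)>/g;
const ATTR_RE = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

function escapeText(s) {
  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;")
          .replace(/>/g, "&gt;").replace(/"/g, "&quot;");
}

// Strip whitespace and control characters first so "java\tscript:" cannot
// slip past a prefix check; only absolute http(s) URLs are then accepted.
function safeUrl(value) {
  const v = value.replace(/[\s\u0000-\u001f]/g, "");
  return /^https?:\/\//i.test(v);
}

function sanitizeHtml(html) {
  let out = "", last = 0;
  for (const m of html.matchAll(TAG_RE)) {
    out += escapeText(html.slice(last, m.index));   // text before the tag
    last = m.index + m[0].length;
    const closing = m[1] === "/", tag = m[2].toLowerCase();
    if (!ALLOWED_TAGS.has(tag)) continue;            // e.g. <script>: dropped
    if (closing) { out += `</${tag}>`; continue; }
    const allowed = ALLOWED_ATTRS[tag] || new Set();
    let attrs = "";
    for (const a of m[3].matchAll(ATTR_RE)) {
      const name = a[1].toLowerCase();
      const value = a[2] ?? a[3] ?? a[4] ?? "";
      if (!allowed.has(name)) continue;              // drops onerror, onload, ...
      if (URL_ATTRS.has(name) && !safeUrl(value)) continue;
      attrs += ` ${name}="${escapeText(value)}"`;
    }
    out += `<${tag}${attrs}>`;
  }
  return out + escapeText(html.slice(last));        // trailing text
}
```

In production a maintained sanitiser such as DOMPurify is preferable to a hand-written one, and the surface exposed through contextBridge should stay minimal regardless of how rendering is done.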

Affected Systems

The vulnerability affects the 5ire application developed by nanbingxyz. All releases prior to version 0.15.3 are impacted. Version 0.15.3 and later contain the fix.

Risk and Exploitability

The vulnerability has a CVSS score of 9.7, indicating critical severity. The EPSS score is less than 1%, suggesting a low probability of exploitation as of this analysis, and the vulnerability is not listed in CISA’s KEV catalog. Based on the description, the attack requires delivery of malicious HTML content to the renderer, which could be achieved by an attacker who can influence the content viewed by the application. The bridge API exposure further elevates the impact to full remote code execution on the host.

Generated by OpenCVE AI on April 18, 2026 at 15:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade 5ire to version 0.15.3 or later to apply the vendor-provided fix.
  • Disable or limit the use of the `window.bridge.mcpServersManager.createServer` API by configuring the application or removing the feature if it is not required.
  • Monitor the application logs for any unauthorized creation of MCP servers and review access controls to mitigate potential misuse.

Advisories

No advisories yet.

History

Thu, 29 Jan 2026 20:00:00 +0000

Type                  Values Removed    Values Added
First Time appeared                     5ire; 5ire 5ire
CPEs                                    cpe:2.3:a:5ire:5ire:*:*:*:*:*:*:*:*
Vendors & Products                      5ire; 5ire 5ire

Fri, 23 Jan 2026 16:45:00 +0000

Type                  Values Removed    Values Added
First Time appeared                     Nanbingxyz; Nanbingxyz 5ire
Vendors & Products                      Nanbingxyz; Nanbingxyz 5ire

Wed, 21 Jan 2026 22:15:00 +0000

Type                  Values Removed    Values Added
Metrics                                 ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 21 Jan 2026 21:15:00 +0000

Type                  Values Removed    Values Added
Description                             5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe HTML rendering path permits untrusted HTML (including on* event attributes) to execute in the renderer context. An attacker can inject an `<img onerror=...>` payload to run arbitrary JavaScript in the renderer, which can call exposed bridge APIs such as `window.bridge.mcpServersManager.createServer`. This enables unauthorized creation of MCP servers and can lead to remote command execution. Version 0.15.3 fixes the issue.
Title                                   5ire vulnerable to Remote Code Execution (RCE)
Weaknesses                              CWE-116
References
Metrics                                 cvssV3_1: {'score': 9.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-21T21:26:47.676Z

Reserved: 2026-01-09T18:27:19.389Z

Link: CVE-2026-22792

Vulnrichment

Updated: 2026-01-21T21:26:43.295Z

NVD

Status: Analyzed

Published: 2026-01-21T21:16:09.957

Modified: 2026-01-29T19:46:50.240

Link: CVE-2026-22792

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T15:45:04Z

Weaknesses