CVE-2025-55733

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/ThinkInAIXYZ/deepchat/commit/a0ff6f362e01ddceb7fd42d0af0b28b6184fb4d2", "name": "https://github.com/ThinkInAIXYZ/deepchat/commit/a0ff6f362e01ddceb7fd42d0af0b28b6184fb4d2", "tags": [], "refsource": ""}, {"url": "https://github.com/ThinkInAIXYZ/deepchat/security/advisories/GHSA-hqr4-4gfc-5p2j", "name": "https://github.com/ThinkInAIXYZ/deepchat/security/advisories/GHSA-hqr4-4gfc-5p2j", "tags": [], "refsource": ""}, {"url": "https://github.com/ThinkInAIXYZ/deepchat/security/advisories/GHSA-hqr4-4gfc-5p2j", "name": "https://github.com/ThinkInAIXYZ/deepchat/security/advisories/GHSA-hqr4-4gfc-5p2j", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they control. When a victim visits such a site or clicks on the link, the browser triggers the app\u2019s custom URL handler (deepchat:), causing the DeepChat application to launch and process the URL, leading to remote code execution on the victim\u2019s machine. This vulnerability is fixed in 0.3.1."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-55733", "ASSIGNER": "security-advisories@github.com"}}, "impact": {}, "publishedDate": "2025-08-19T19:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-19T21:15Z"}