CVE-2025-59053

Date: September 11, 2025

AIRI is a self-hosted, artificial intelligence based Grok Companion. In v0.7.2-beta.2 in the "packages/stage-ui/src/components/MarkdownRenderer.vue" path, the Markdown content is processed using the useMarkdown composable, and the processed HTML is rendered directly into the DOM using v-html. An attacker creates a card file containing malicious HTML/JavaScript, then simply processes it using the highlightTagToHtml function (which simply replaces template tags without HTML escaping), and then directly renders it using v-html, leading to cross-site scripting (XSS). The project also exposes the Tauri API, which can be called from the frontend. The MCP plugin exposes a command execution interface function in "crates/tauri-plugin-mcp/src/lib.rs". This allows arbitrary command execution. "connect_server" directly passes the user-supplied "command" and "args" parameters to "Command::new(command).args(args)" without any input validation or whitelisting. Thus, the previous XSS exploit could achieve command execution through this interface. v0.7.2-beta.3 fixes the issue.