Description

DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they control. When a victim visits such a site or clicks on the link, the browser triggers the app’s custom URL handler (deepchat:), causing the DeepChat application to launch and process the URL, leading to remote code execution on the victim’s machine. This vulnerability is fixed in 0.3.1.

INFO

Published Date :

2025-08-19T18:26:38.741Z

Last Modified :

2025-08-19T20:49:59.391Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-55733 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-55733.

URL Resource
https://github.com/ThinkInAIXYZ/deepchat/commit/a0ff6f362e01ddceb7fd42d0af0b28b6184fb4d2 cve-icon cve-icon
https://github.com/ThinkInAIXYZ/deepchat/security/advisories/GHSA-hqr4-4gfc-5p2j cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact