CVE-2025-59417: Lobe Chat Desktop vulnerable to Remote Code Execution via XSS in Chat Messages
(updated )
We identified a cross-site scripting (XSS) vulnerability when handling chat message in lobe-chat that can be escalated to remote code execution on the user’s machine. Any party capable of injecting content into chat messages, such as hosting a malicious page for prompt injection, operating a compromised MCP server, or leveraging tool integrations, can exploit this vulnerability.
References
- github.com/advisories/GHSA-m79r-r765-5f9j
- github.com/lobehub/lobe-chat
- github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/apps/desktop/src/main/controllers/SystemCtr.ts
- github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Conversation/components/MarkdownElements/LobeArtifact/index.ts
- github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Conversation/components/MarkdownElements/LobeArtifact/rehypePlugin.ts
- github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Portal/Artifacts/Body/Renderer/SVG.tsx
- github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Portal/Artifacts/Body/Renderer/index.tsx
- github.com/lobehub/lobe-chat/commit/9f044edd07ce102fe9f4b2fb47c62191c36da05c
- github.com/lobehub/lobe-chat/security/advisories/GHSA-m79r-r765-5f9j
- nvd.nist.gov/vuln/detail/CVE-2025-59417
Code Behaviors & Features
Detect and mitigate CVE-2025-59417 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →