{"uuid": "fcec653c-974d-4eea-8fdb-06a47e4d1906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59978", "type": "seen", "source": "https://t.me/bhhub/1170", "content": "Weekly Brief \u2014 Actively Exploited & Critical Vulns\n\nOne-click RCE chains, cross-site scripting in network management suites, and LLM interface takeover vectors defined this week\u2019s threat landscape.  \nThe most urgent issues involve active exploitation, drive-by execution, and critical CVSS \u2265 9 vulnerabilities in AI and enterprise tools.\n\n\u2b50\ufe0f CVE-2025-61929 \u2014 Cherry Studio (One-Click RCE via URL Protocol, CVSS 9.6)\n\nProduct: Cherry Studio (Desktop LLM client)  \nVector: cherrystudio:// custom URL scheme \u2192 base64-encoded command execution\n\nCherry Studio registers a custom URL handler (`cherrystudio://`) that processes encoded configuration data and executes embedded commands.  \nAttackers can host malicious URLs that trigger arbitrary command execution upon a single click \u2014 no secondary confirmation required.  \nExploitation was observed within 48 hours of disclosure.\n\nhttps://github.com/cherry-studio/advisories\n\n\u2b50\ufe0f CVE-2025-59978 \u2014 Juniper Junos Space (Stored XSS \u2192 Admin Command Execution, CVSS 9.0)\n\nProduct: Juniper Networks Junos Space (< 24.1R4)  \nVector: Persistent JavaScript injection in management web interface\n\nImproper input sanitization in Junos Space allows stored XSS, which can escalate to admin-level command execution when viewed by privileged users.  \nExploitation has been observed in active campaigns, potentially linked to Cl0p ransomware operators targeting network appliances.\n\nhttps://supportportal.juniper.net/JSA103140\n\n\u2b50\ufe0f CVE-2025-59159 \u2014 SillyTavern (DNS Rebinding / Remote Takeover, CVSS 9.6)\n\nProduct: SillyTavern (LLM Web Interface < 1.13.4)  \nVector: Insecure hostname validation \u2192 DNS rebinding attack\n\nSillyTavern\u2019s local web server does not properly validate inbound host headers.  \nAttackers can exploit DNS rebinding to interact with local AI instances remotely \u2014 stealing API keys or installing malicious extensions.\n\nhttps://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-7cxj-w27x-x78q", "creation_timestamp": "2025-10-21T13:59:09.000000Z"}