Untrusted JSON Manual Fetching Vulnerability in Universal Tool Calling Protocol
CVE-2025-14542
7.5HIGH
What is CVE-2025-14542?
This vulnerability allows a malicious provider to alter a JSON specification, known as a Manual, fetched by a client from a remote endpoint. Initially, a trusted provider may serve benign instructions; however, after establishing trust, they can modify the manual to maliciously manipulate client behavior. This poses a significant security risk as it enables unauthorized commands to be executed, potentially leading to exploitation of the client system.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved