Remote Code Execution Vulnerability in Eidos Personal Data Management Framework
CVE-2025-54374
8.8 HIGH
What is CVE-2025-54374?
The Eidos Personal Data Management Framework, in versions 0.21.0 and earlier, has a vulnerability that allows remote code execution through crafted URLs. An attacker can exploit this flaw by embedding a malicious 'eidos:' URL link on a website. When a user clicks such a link, the browser activates the app's URL handler, causing the Eidos application to execute the URL and potentially resulting in harmful actions on the victim's device. Currently, there is no fix available for this issue.

Affected Version(s)
eidos <= 0.21.0
CVSS V3.1
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
