Remote Code Execution Vulnerability in DeepChat by ThinkInAIXYZ
CVE-2025-55733

9.7CRITICAL

Key Information:

Vendor: Thinkinaixyz
Status: Deepchat
Vendor: CVE Published:; 19 August 2025

🔔 Create Thinkinaixyz Vulnerability Alert

What is CVE-2025-55733?

DeepChat, a smart assistant by ThinkInAIXYZ, is susceptible to a remote code execution vulnerability prior to version 0.3.1. This flaw allows attackers to craft a malicious deepchat: URL embedded in an external site. When users interact with the link, the DeepChat application automatically processes the URL, potentially leading to the execution of arbitrary code on the user's device. The vulnerability has been mitigated in version 0.3.1, urging users to update immediately to safeguard their systems.

Affected Version(s)

deepchat < 0.3.1

References

https://github.com/ThinkInAIXYZ/deepchat/security/advisor...

x_refsource_CONFIRM

https://github.com/ThinkInAIXYZ/deepchat/commit/a0ff6f362...

x_refsource_MISC

CVSS V3.1

Score:

9.7

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2025
Vulnerability Reserved
Aug 14, 2025

CVE-2025-55733 Data

JSON