Key Information Summary Vulnerability Overview Vulnerability Type: Remote Code Execution (RCE) Affected Versions: v0.5.14 and earlier Cause: Opening external websites within the application and exposing without URL filtering. Details 1. Rendered Links: - Rendered links appear in conversations in two ways. - When users click these links, the websites open in the current window. 2. Opening External Websites within the Application: - When users click such links, the websites open in the application’s current window. 3. Exposure of : - exposes a set of APIs to the renderer process, including , which sends an IPC message to the main process to open an external URL. - Upon receiving the IPC message, the main process opens the link without filtering. - This allows opening local executable files, leading to remote code execution. Mitigation Measures 1. Do Not Open Rendered External Links within the Application: - Open them in an external browser. - Two methods to fix this: - Render links as . - Hook the function listening to . 2. URL Filtering in Main Process: - Only allow URLs starting with and to be opened. 3. Reduce Exposure of : - Consider removing some exposed APIs from the renderer process, or disallow passing arbitrary parameters. Impact This vulnerability enables remote code execution, affecting . Patch The vulnerability has been fixed in this pull request.