Browse all 5 CVE security advisories affecting ThinkInAIXYZ. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ThinkInAIXYZ develops enterprise AI solutions for data analytics and automation, with its core use case being intelligent business process optimization. Historically, the organization has been associated with multiple remote code execution (RCE) vulnerabilities and cross-site scripting (XSS) flaws in its web interfaces, alongside several privilege escalation issues in its API endpoints. The company maintains a moderate security posture with five CVEs recorded to date, though no major public security incidents have been documented. Its products typically require robust input validation and access controls to mitigate identified risks, particularly in multi-tenant deployment scenarios.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67744 | Mermaid XSS vulnerability leads to Remote Code Execution — deepchat (CWE-94) | 9.7 | Critical | 2025-12-16 |
| CVE-2025-66481 | DeepChat's Incomplete XSS Fix Allows RCE through Mermaid Content — deepchat (CWE-80) | 9.7 | Critical | 2025-12-09 |
| CVE-2025-66222 | DeepChat Cross-Site Scripting(XSS) escalate to Remote Code Execution(RCE) — deepchat (CWE-94) | 9.7 | Critical | 2025-12-03 |
| CVE-2025-58768 | DeepChat's Mermaid rendering has XSS leading to RCE — deepchat (CWE-94) | 9.7 | Critical | 2025-09-09 |
| CVE-2025-55733 | DeepChat One-click Remote Code Execution through Custom URL Handling — deepchat (CWE-94) | 9.7 | Critical | 2025-08-19 |

This page lists every published CVE security advisory associated with ThinkInAIXYZ. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.