CVE-2025-9474 – Mihomo Party Local File Inclusion Vulnerability

CVE ID : CVE-2025-9474

Published : Aug. 26, 2025, 5:15 a.m. | 1 hour, 21 minutes ago

Description : A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used.

Severity: 4.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…