VYPR
Medium severity4.5NVD Advisory· Published Aug 26, 2025· Updated Apr 29, 2026

CVE-2025-9474

CVE-2025-9474

Description

A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used.

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.