CVE-2025-59417

6.1 MEDIUM

📋 TL;DR

Lobe Chat versions before 1.129.4 contain a cross-site scripting (XSS) vulnerability in the SVG rendering component that can be escalated to remote code execution on user machines. Attackers who can inject content into chat messages (via malicious pages, compromised servers, or tool integrations) can exploit this. All users running vulnerable versions are affected.

💻 Affected Systems

Products:
  • Lobe Chat
Versions: All versions prior to 1.129.4
Operating Systems: All platforms running Lobe Chat
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default configuration when handling SVG content in chat messages.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution on user machines leading to complete system compromise, data theft, or malware installation.

🟠 Likely Case: Session hijacking, credential theft, or unauthorized actions within the chat application via XSS.

🟢 If Mitigated: Limited impact with proper input validation and output encoding, potentially only minor UI manipulation.

🌐 Internet-Facing: HIGH - Web applications are directly accessible and vulnerable to XSS attacks from external sources.
🏢 Internal Only: MEDIUM - Internal users could still be targeted via phishing or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to inject content into chat messages, which could be achieved through various attack vectors including prompt injection, compromised MCP servers, or malicious tool integrations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.129.4

Vendor Advisory: https://github.com/lobehub/lobe-chat/security/advisories/GHSA-m79r-r765-5f9j

Restart Required: No

Instructions:

1. Update Lobe Chat to version 1.129.4 or later.
2. Verify the update was successful by checking the version.
3. No restart is required for web applications, but ensure all instances are updated.

🔧 Temporary Workarounds

Disable SVG rendering (applies to: all)

Temporarily disable SVG content rendering in chat messages to prevent exploitation. Modify the application configuration to reject or sanitize SVG content in chat messages.

Implement Content Security Policy (applies to: web)

Add strict CSP headers to limit script execution and inline content. Add a Content-Security-Policy header with script-src 'self' and object-src 'none'.

🧯 If You Can't Patch

  • Implement strict input validation and output encoding for all user-controlled content
  • Deploy web application firewall with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check if Lobe Chat version is below 1.129.4 by examining package.json or application version information.

Check Version:

Check package.json for version field or use application's built-in version check

Verify Fix Applied:

Confirm version is 1.129.4 or higher and test that SVG content in chat messages is properly sanitized.
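An added example (not from the advisory or the Lobe Chat project) of the version check described above: it reads the version field from package.json text and compares it numerically against the fixed release 1.129.4, so that 1.129.10 is correctly treated as patched and a prerelease such as 1.129.4-rc.1 as still vulnerable. The sample package.json below is constructed for illustration.

```javascript
// Fixed release named in the advisory (GHSA-m79r-r765-5f9j).
const FIXED_VERSION = "1.129.4";

// Parse "major.minor.patch", optionally with a leading "v", a prerelease
// suffix ("-rc.1") and build metadata ("+abc"), into numeric parts.
function parseSemver(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/
    .exec(String(version).trim());
  if (!m) throw new Error(`unrecognised version string: ${version}`);
  return { major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]),
           prerelease: m[4] || null };
}

// Compare two versions numerically (not lexicographically). A prerelease of
// a version sorts below that version's final release, as semver specifies.
function compareSemver(a, b) {
  const pa = parseSemver(a), pb = parseSemver(b);
  for (const k of ["major", "minor", "patch"]) {
    if (pa[k] !== pb[k]) return pa[k] < pb[k] ? -1 : 1;
  }
  if (pa.prerelease === pb.prerelease) return 0;
  if (pa.prerelease === null) return 1;   // release > prerelease
  if (pb.prerelease === null) return -1;  // prerelease < release
  return pa.prerelease < pb.prerelease ? -1 : 1;
}

// True when the installed version is below the fixed release.
function isVulnerable(installedVersion) {
  return compareSemver(installedVersion, FIXED_VERSION) < 0;
}

// Takes the text of package.json (e.g. fs.readFileSync("package.json", "utf8"))
// and reports the version and whether it is affected.
function checkPackageJson(packageJsonText) {
  const pkg = JSON.parse(packageJsonText);
  if (typeof pkg.version !== "string") throw new Error("package.json has no version field");
  return { version: pkg.version, vulnerable: isVulnerable(pkg.version) };
}

// Constructed sample: a deployment still on a pre-fix release.
const SAMPLE_PACKAGE_JSON = '{ "name": "sample-lobe-chat-deployment", "version": "1.128.7" }';

const result = checkPackageJson(SAMPLE_PACKAGE_JSON);
console.log(`${result.version}: ${result.vulnerable ? "VULNERABLE, update to 1.129.4 or later" : "patched"}`);
```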

📡 Detection & Monitoring

Log Indicators:

  • Unusual chat messages containing SVG or script tags
  • Multiple failed attempts to inject malicious content

Network Indicators:

  • HTTP requests containing malicious SVG payloads in chat data

SIEM Query (Splunk-style search syntax assumed; the wildcards make the match a substring match, since a bare `=` would only match a field equal to the whole string):

source="web_logs" AND (message="*<svg*" OR message="*<script*") AND status=200
