CNNVD-202512-1668 Information

CNNVD ID

CNNVD-202512-1668

CVE-2025-66481

  • CNNVD Published: 2025-12-09

Description

DeepChat is an open-source AI assistant from ThinkInAIXYZ. DeepChat 0.5.1 and earlier versions contain a security vulnerability that stems from improper sanitization of Mermaid content, which could lead to cross-site scripting (XSS) attacks and remote code execution.

Hazard Level

Low

Vulnerability Type

Other

Affected Vendor

ThinkInAIXYZ

Published

2025-12-09

Last Modified

2026-02-24

References

https://github.com/ThinkInAIXYZ/deepchat/security/advisories/GHSA-h9f5-7hhf-fqm4

https://access.redhat.com/security/cve/cve-2025-66481

Patch

https://deepchat.dev/
