CNNVD-202512-4182 Information
CNNVD ID
CNNVD-202512-4182
Related CVE
- CNNVD Published: 2025-12-23
Description (Chinese)
Local Deep Research是LearningCircuit开源的一个AI搜索助手。 Local Deep Research 1.3.0版本至1.3.9之前版本存在安全漏洞,该漏洞源于下载服务未使用SSRF保护,可能导致服务端请求伪造攻击。
Description (English)
Local Deep Research is an AI search assistant at the SpaceningCircuit Open Source. There is a security loophole in the previous versions of Local Deep Research 1.3.0 to 1.3.9, which stems from the fact that the download service did not use SSRF protection, which could lead the service to request a false attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
LearningCircuit
Published
2025-12-23
Last Modified
2026-02-24
References
https://github.com/LearningCircuit/local-deep-research/commit/b79089ff30c5d9ae77e6b903c408e1c26ad5c055 https://github.com/LearningCircuit/local-deep-research/security/advisories/GHSA-9c54-gxh7-ppjc https://access.redhat.com/security/cve/cve-2025-67743
Patch
https://github.com/LearningCircuit/local-deep-research/releases
Share on: