3 matches found
CVE-2025-67743
CVE-2025-67743 affects Local Deep Research. The vulnerability lies in the download service (download_service.py) where HTTP requests are made with raw requests.get() without SSRF protection, bypassing safeguards in safe_requests.py/ssrf_validator.py. This can allow an attacker to access internal ...
CVE-2025-67743 Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service
Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...
CVE-2025-67743
creationtimestamp| type| source ---|---|--- 2025-12-22 23:48:26+00:00| published-proof-of-concept| https://github.com/LearningCircuit/local-deep-research/security/advisories/GHSA-9c54-gxh7-ppjc...