CVE-2026-46526

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validateurl to validate the input URL. The...

GHSA-G23J-2VWM-5C25 local-deep-research has an SSRF bypass in `safe_get`

Summary The URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. Details The current project uses validateurl to validate the input URL. The main logic is to perform security checks on the host portion of the URL extracted by...

CVE-2026-46526

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validateurl to validate the input URL. The...

CVE-2026-43979

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...

EUVD-2026-32977

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validateurl to validate the input URL. The...

CVE-2026-46526 Local Deep Research: SSRF bypass in `safe_get`

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validateurl to validate the input URL. The...

CVE-2026-46526

CVE-2026-46526 concerns Local Deep Research. Before version 1.6.10, the URL validation flow had a logical flaw that could bypass SSRF protections because parsing differed between urlparse and the HTTP request library. The code first runs SSRF checks via validate_url and then uses requests.get to ...

CVE-2026-46526 Local Deep Research: SSRF bypass in `safe_get`

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validateurl to validate the input URL. The...

Local Deep Research 代码问题漏洞

Local Deep Research is an AI search assistant developed by LearningCircuit. Versions of Local Deep Research prior to 1.6.10 contained code vulnerabilities. These vulnerabilities stemmed from defects in the URL checking logic, which could be exploited by attackers, leading to SSRF attacks...

Local Deep Research 安全漏洞

Local Deep Research is an AI search assistant developed by LearningCircuit. Versions prior to 1.6.0 of Local Deep Research contained a security vulnerability. This vulnerability stemmed from PDFService.markdowntohtml not properly escaping user-controlled values, allowing authentication attackers ...

PT-2026-44472

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validate url to validate the input URL. Th...

Server-Side Request Forgery (SSRF)

local-deep-research is vulnerable to Server-Side Request ForgerySSRF. The vulnerability is due to the download service using raw requests.get without applying SSRF protections, which allows an attacker to submit malicious URLs to access internal services, cloud metadata endpoints, or perform...

CVE-2025-67743

Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...

EUVD-2025-204778

Local Deep Research is Vulnerable to Server-Side Request Forgery SSRF in Download Service...

Server-side Request Forgery (SSRF)

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadservice.py service. An attacker can access internal services and attempt ...

Local Deep Research 安全漏洞

Local Deep Research is an AI search assistant open-sourced by LearningCircuit. A security vulnerability exists in Local Deep Research version 1.3.0 through versions prior to 1.3.9 that stems from the download service not using SSRF protection, which could lead to a server-side request forgery...

Improper Input Validation

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Improper Input Validation via the HTML entity decoding logic in the client-side PDF export pipeline. An attacker can explo...

Open Redirect

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Open Redirect via the nextpage query parameter in the post-authentication redirection flow. An attacker can exploit this...

Insertion of Sensitive Information into Log File

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the logging of sensitive configuration data by the startresearch...

CVE-2025-57806

Local Deep Research is an AI-powered research assistant for deep, iterative research. Versions 0.2.0 through 0.6.7 stored confidential information, including API keys, in a local SQLite database without encryption. This behavior was not clearly documented outside of the database architecture page...