102 matches found
CVE-2026-55604
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...
CVE-2026-55604
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...
CVE-2026-55604 @arikusi/deepseek-mcp-server has an Authorization Bypass Through User-Controlled Key
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...
CVE-2026-55604
DeepSeek MCP Server (DeepSeek V4) is vulnerable from v1.4.2 up to, but not including, v1.7.0. The issue stems from a process-global SessionStore that accepts caller-supplied session_id values without binding them to any authenticated principal or transport session. An attacker can enumerate activ...
CVE-2026-55604 @arikusi/deepseek-mcp-server has an Authorization Bypass Through User-Controlled Key
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global SessionStore accepts caller-supplied sessionid values without binding them to any authenticated principal or transport session. An attacker can enumerate active session I...
CVE-2026-55605
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of @arikusi/deepseek-mcp-server exposes POST /mcp without any authentication: createMcpExpressApp is called without an authProvider and no middleware guards t...
CVE-2026-55605 @arikusi/deepseek-mcp-server Missing Authentication on Self-Hosted HTTP MCP Endpoint
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of @arikusi/deepseek-mcp-server exposes POST /mcp without any authentication: createMcpExpressApp is called without an authProvider and no middleware guards t...
CVE-2026-55605 @arikusi/deepseek-mcp-server Missing Authentication on Self-Hosted HTTP MCP Endpoint
DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of @arikusi/deepseek-mcp-server exposes POST /mcp without any authentication: createMcpExpressApp is called without an authProvider and no middleware guards t...
CVE-2026-55605
Summary: CVE-2026-55605 affects the self-hosted HTTP transport of @arikusi/deepseek-mcp-server used with DeepSeek V4. starting in 1.4.2 and before 1.8.0, the POST /mcp endpoint is exposed without authentication due to createMcpExpressApp being called without an authProvider and missing route guar...
PT-2026-56971
Name of the Vulnerable Software and Affected Versions DeepSeek MCP Server versions 1.4.2 through 1.6.x Description The process-global SessionStore accepts caller-supplied session id values without binding them to an authenticated principal or transport session. This allows an attacker to enumerat...
AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the browser on both...
Malicious code in seekcode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f4fe5d868d0434123b1a29a739072fe0e0ec0f2efd1ceda4d2c16ccffecf105 When a user selects the advertised deepseek-cn provider, the package's defaultBaseUrlForProvider function in dist/chunk-6U42R724.js returns...
MAL-2026-4667 Malicious code in seekcode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f4fe5d868d0434123b1a29a739072fe0e0ec0f2efd1ceda4d2c16ccffecf105 When a user selects the advertised deepseek-cn provider, the package's defaultBaseUrlForProvider function in dist/chunk-6U42R724.js returns...
Server-side Request Forgery (SSRF)
Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchurl process. An attacker can gain unauthorized access to internal resources by supplying ...
DeepSeek TUI has SSRF IPV6 bypass
Summary Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in URL as http://::1, the SSRF defenses do not work. Details...
Arbitrary Code Injection
Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Arbitrary Code Injection via the runtests process. An attacker can execute arbitrary code by introducing malicious test code into a...
NPM: DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository Without Approval
NPM: DeepSeek TUI: runtests Tool Enables RCE via Malicious Repository Without Approval vulnerability discovered by ? in WordPress Npm deepseek-tui versions = 0.3.0, 0.8.23...
Server-side Request Forgery (SSRF)
Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchurl process. An attacker can access sensitive internal resources by supplying a URL that...
NPM: DeepSeek TUI has SSRF via HTTP Redirect Bypass in fetch_url Tool
NPM: DeepSeek TUI has SSRF via HTTP Redirect Bypass in fetchurl Tool vulnerability discovered by ? in WordPress Npm deepseek-tui versions 0.8.22...
Kill-Chain Canaries: Stage-Level Tracking of Prompt Injection across Attack Surfaces and Model Safety Tiers
We present a stage-decomposed analysis of prompt injection attacks against five frontier LLM agents. Prior work measures task-level attack success rate ASR; we localize the pipeline stage at which each model's defense activates. We instrument every run with a cryptographic canary token...