CVE-2026-45046

Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive...

PT-2026-39902

Name of the Vulnerable Software and Affected Versions Gryph versions prior to 0.7.0 Description Gryph implements logging levels to control content stored in a local sqlite database. The default log level is set to standard, although documentation incorrectly states it is minimal. At both standard...

Cleartext Storage of Sensitive Information

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in a local SQLite database. An attacker can access sensitive information,...

CVE-2025-57806 Local Deep Research's API keys are stored in plain text

Local Deep Research is an AI-powered research assistant for deep, iterative research. Versions 0.2.0 through 0.6.7 stored confidential information, including API keys, in a local SQLite database without encryption. This behavior was not clearly documented outside of the database architecture page...

PT-2025-35648

Name of the Vulnerable Software and Affected Versions: Local Deep Research versions 0.2.0 through 0.6.7 Description: Local Deep Research stores confidential information, including API keys, in a local SQLite database without encryption. This behavior was not clearly documented. Users were not giv...