CVE-2025-67744
- EPSS 0.27%
- Veröffentlicht 16.12.2025 00:42:21
- Zuletzt bearbeitet 02.01.2026 18:44:14
DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to version 0.5.3, a security vulnerability exists in the Mermaid diagram rendering component that allows arbitrary JavaScript execution. D...
CVE-2025-66481
- EPSS 0.26%
- Veröffentlicht 09.12.2025 00:25:08
- Zuletzt bearbeitet 11.12.2025 18:47:33
DeepChat is an open-source AI chat platform that supports cloud models and LLMs. Versions 0.5.1 and below are vulnerable to XSS attacks through improperly sanitized Mermaid content. The recent security patch for MermaidArtifact.vue is insufficient an...
CVE-2025-66222
- EPSS 0.27%
- Veröffentlicht 03.12.2025 18:34:44
- Zuletzt bearbeitet 05.12.2025 15:37:59
DeepChat is a smart assistant uses artificial intelligence. In 0.5.0 and earlier, there is a Stored Cross-Site Scripting (XSS) vulnerability in the Mermaid diagram renderer allows an attacker to execute arbitrary JavaScript within the application con...
CVE-2025-58768
- EPSS 0.09%
- Veröffentlicht 09.09.2025 20:19:52
- Zuletzt bearbeitet 18.09.2025 20:26:13
DeepChat is a smart assistant uses artificial intelligence. Prior to version 0.3.5, in the Mermaid chart rendering component, there is a risky operation of directly using `innerHTML` to set user content. Therefore, any malicious content rendered via ...
CVE-2025-55733
- EPSS 0.23%
- Veröffentlicht 19.08.2025 18:26:38
- Zuletzt bearbeitet 17.09.2025 17:58:46
DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on a...