Security: ThinkInAIXYZ/deepchat
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl`
GHSA-cp8j-jx7q-7r5f, published Apr 25, 2026 by zerob13, Critical

Persistent DOM XSS via HTML Entity Encoding in `<antArtifact>` SVG Rendering (Bypass of `svgSanitizer.ts`)
GHSA-7r59-67v3-3mgp, published Apr 25, 2026 by zerob13, Critical

Remote Code Execution (RCE) via Mermaid XSS
GHSA-w8w8-82pv-5rg9, published Dec 13, 2025 by zerob13, Critical

Incomplete XSS Fix Allows RCE
GHSA-h9f5-7hhf-fqm4, published Dec 8, 2025 by zerob13, Critical

Cross-Site Scripting(XSS) escalate to Remote Code Execution(RCE)
GHSA-v8v5-c872-mf8r, published Dec 3, 2025 by zerob13, Critical

Mermaid rendering has XSS leading to RCE
GHSA-f7q5-vc93-wp6j, published Sep 9, 2025 by zerob13, Critical

One-click Remote Code Execution through Custom URL Handling in DeepChat v0.3.0
GHSA-hqr4-4gfc-5p2j, published Aug 19, 2025 by zerob13, Critical