CVE-2026-43900 - DeepChat: Persistent DOM XSS via HTML Entity Encoding in `<antArtifact>` SVG Rendering (Bypass of `svgSanitizer.ts`)
CVE ID :CVE-2026-43900 Published : May 11, 2026, 11:20 p.m. | 1 hour, 45 minutes ago Description :DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting (XSS) vulnerability exists due to a discrep
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] How to verify AI-discovered vulnerabilities aren't just training data echoes
- [CYBER] Shlomo Kramer backs $26m AI cyber venture fund
- [CYBER] CVE-2026-8349 - omec-project amf NGAP Message memory corruption
- [CYBER] CVE-2026-8346 - D-Link DIR-816 portForward command injection
- [CYBER] Index Ventures backs cyber startup Frame in $50m round
- [CYBER] Google Detects First AI-Generated Zero-Day Exploit