CVE-2026-43899 - DeepChat: Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl`
CVE ID :CVE-2026-43899 Published : May 11, 2026, 11:20 p.m. | 1 hour, 45 minutes ago Description :DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulner
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] How to verify AI-discovered vulnerabilities aren't just training data echoes
- [CYBER] Shlomo Kramer backs $26m AI cyber venture fund
- [CYBER] CVE-2026-8349 - omec-project amf NGAP Message memory corruption
- [CYBER] CVE-2026-8346 - D-Link DIR-816 portForward command injection
- [CYBER] Index Ventures backs cyber startup Frame in $50m round
- [CYBER] Google Detects First AI-Generated Zero-Day Exploit