PatchSiren cyber security CVE debrief

CVE-2026-43979 LearningCircuit CVE debrief

## Summary

CVE-2026-43979 is a **medium-severity** (CVSS 5.0) vulnerability in Local Deep Research, an AI-powered research assistant. The flaw exists in versions prior to 1.6.0 and allows authenticated attackers to inject arbitrary HTML via unescaped user-controlled values in PDF generation, which can be chained to bypass SSRF defenses.

## Technical Analysis

The vulnerability resides in `PDFService._markdown_to_html()`, which constructs HTML documents by directly interpolating user-controlled `title` (from `research.title` or `research.query`) and metadata key-value pairs into an f-string **without HTML escaping**. This HTML injection is processed by WeasyPrint during PDF export.

The attack chain works as follows:

1. An authenticated attacker crafts a research query containing HTML special characters
2. The unescaped input is interpolated into the HTML document structure
3. WeasyPrint processes the malicious HTML during PDF generation
4. The injected content can trigger Server-Side Request Forgery (SSRF), bypassing existing protections in `ssrf_validator.py`

The CVSS vector `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N` indicates:

- **Attack Vector**: Network
- **Attack Complexity**: Low
- **Privileges Required**: Low (authenticated)
- **User Interaction**: None
- **Scope**: Changed (impact beyond vulnerable component)
- **Confidentiality**: Low impact
- **Integrity/Availability**: None

## Affected Versions

- **Vulnerable**: Local Deep Research versions **prior to 1.6.0**
- **Fixed**: Version **1.6.0**

## Weaknesses

Per source analysis, this vulnerability involves:

- **CWE-79**: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- **CWE-918**: Server-Side Request Forgery (SSRF)

## Timeline

| Event | Date |
|-------|------|
| CVE Published | 2026-05-28 19:16:38 UTC |
| CVE Modified | 2026-05-28 20:16:23 UTC |

## Recommended Actions

1. **Immediate**: Upgrade Local Deep Research to version **1.6.0** or later
2. **Verification**: Confirm fix deployment via the project's GitHub security advisories and pull requests
3. **Defense in Depth**: Review any PDF export functionality for proper output encoding, and ensure SSRF validation
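To make the "unescaped f-string" pattern from the technical analysis and the "proper output encoding" recommendation concrete, here is an added example (not the project's code): a vulnerable renderer beside a hardened one that escapes every user-controlled value, plus a check that flags elements which were not part of the fixed template. The function names, template and sample metadata are assumptions constructed for this illustration.

```python
import html
import re

# Constructed stand-in for user-controlled research title and metadata.
SAMPLE_TITLE = 'Quarterly <i>report</i> & "notes"'
SAMPLE_META = {"author": "A. <b>User</b>", "tags": "a&b"}

# Element names the fixed template itself emits (assumption for this example).
TEMPLATE_TAGS = {"html", "body", "h1", "table", "tr", "td"}


def render_unescaped(title: str, metadata: dict) -> str:
    """Vulnerable pattern: values are interpolated into markup as-is, so any
    HTML inside `title` or `metadata` is interpreted by the PDF renderer."""
    rows = "".join(f"<tr><td>{k}</td><td>{v}</td></tr>" for k, v in metadata.items())
    return f"<html><body><h1>{title}</h1><table>{rows}</table></body></html>"


def render_escaped(title: str, metadata: dict) -> str:
    """Hardened pattern: every untrusted value is HTML-escaped (including quotes)
    before interpolation, so the renderer shows it as literal text."""

    def esc(value) -> str:
        return html.escape(str(value), quote=True)

    rows = "".join(
        f"<tr><td>{esc(k)}</td><td>{esc(v)}</td></tr>" for k, v in metadata.items()
    )
    return f"<html><body><h1>{esc(title)}</h1><table>{rows}</table></body></html>"


def injected_tags(document: str, expected_tags: set) -> set:
    """Defensive check for a test suite: element names present in the rendered
    document beyond those the template emits. Non-empty means user-controlled
    data broke out of text context."""
    found = {m.lower() for m in re.findall(r"<\s*/?\s*([a-zA-Z][a-zA-Z0-9]*)", document)}
    return found - expected_tags


if __name__ == "__main__":
    print(injected_tags(render_unescaped(SAMPLE_TITLE, SAMPLE_META), TEMPLATE_TAGS))  # {'b', 'i'}
    print(injected_tags(render_escaped(SAMPLE_TITLE, SAMPLE_META), TEMPLATE_TAGS))  # set()
```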

| Field | Value |
|-------|-------|
| Vendor | LearningCircuit |
| Product | local-deep-research |
| CVSS | MEDIUM 5.0 |
| CISA KEV | Not listed in stored evidence |
| Original CVE published | 2026-05-28 |
| Original CVE updated | 2026-05-28 |
| Advisory published | 2026-05-28 |
| Advisory updated | 2026-05-28 |

Who should care

Organizations running Local Deep Research prior to version 1.6.0; security teams monitoring AI/ML application security; developers implementing PDF generation with user-controlled content

Technical summary

Authenticated HTML injection in PDF generation enables SSRF bypass

Defensive priority

medium

Recommended defensive actions

  • Upgrade Local Deep Research to version 1.6.0 or later
  • Verify fix deployment through project security advisories
  • Review PDF export implementations for proper HTML output encoding
  • Audit SSRF defense mechanisms for bypass opportunities via secondary injection vectors

Evidence notes

All technical details sourced from official CVE record and NVD entry. Fix version 1.6.0 explicitly confirmed in source description. CWE classifications and CVSS vector from NVD source metadata.

Official resources

This vulnerability was disclosed through GitHub Security Advisories. Multiple pull requests (3082, 3613) were involved in addressing the issue.