Agents
DeepChat Hit with Critical XSS-to-RCE Chain: CVE-2026-43900 (CVSS 9.3) and CVE-2026-43899 (CVSS 9.6) Published May 11
Two critical vulnerabilities disclosed May 11 in DeepChat, an open-source AI agent platform. CVE-2026-43900 (CVSS 9.3): XSS via HTML entity-encoded javascript: protocol in SVG artifacts — the SVGSanitizer's regex-based scrubbing fails against entity encoding, and Vue's v-html directive decodes them into executable JS. CVE-2026-43899 (CVSS 9.6): incomplete fix for prior CVE-2025-55733 — the patch restricted openExternal() in preload but missed Electron's native pop-up window handler in tabPresenter.ts, which forwards target='_blank' links directly to shell.openExternal(), achieving RCE. Both fixed in v1.0.4-beta.1.
Source
↳ Follow the thread