CVE-2026-2532
lintsinghua DeepAudit IP Address embedding_config.py server-side request forgery
CVSS Score
6.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability was detected in lintsinghua DeepAudit up to 3.0.3. This issue affects some unknown processing of the file backend/app/api/v1/endpoints/embedding_config.py of the component IP Address Handler. Performing a manipulation results in server-side request forgery. It is possible to initiate the attack remotely. Upgrading to version 3.0.4 and 3.1.0 is capable of addressing this issue. The patch is named da853fdd8cbe9d42053b45d83f25708ba29b8b27. It is suggested to upgrade the affected component.
| CWE | CWE-918 |
| Vendor | lintsinghua |
| Product | deepaudit |
| Published | Feb 16, 2026 |
| Last Updated | Feb 23, 2026 |
Stay Ahead of the Next One
Get instant alerts for lintsinghua deepaudit
Be the first to know when new medium vulnerabilities affecting lintsinghua deepaudit are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
lintsinghua / DeepAudit
3.0.0 3.0.1 3.0.2 3.0.3
References
vuldb.com: https://vuldb.com/?id.346120 vuldb.com: https://vuldb.com/?ctiid.346120 vuldb.com: https://vuldb.com/?submit.748220 github.com: https://github.com/lintsinghua/DeepAudit/issues/144 github.com: https://github.com/lintsinghua/DeepAudit/pull/145 github.com: https://github.com/lintsinghua/DeepAudit/commit/da853fdd8cbe9d42053b45d83f25708ba29b8b27 github.com: https://github.com/lintsinghua/DeepAudit/releases/tag/v3.0.4 github.com: https://github.com/lintsinghua/DeepAudit/
Credits
๐ fushuling (VulDB User)