CVE-2026-43899

CRITICAL 9.6

DeepChat: Incomplete Fix for CVE-2025-55733 leads to Remote Code Execution via Markdown Links bypassing `isValidExternalUrl`

CVSS Score

9.6

EPSS Score

0.0%

EPSS Percentile

0th

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution bypass (RCE). While the patch correctly restricted api.openExternal() inside the renderer's preload/index.ts script, it structurally neglected to sanitize native Electron pop-up window handlers. An attacker or a compromised AI endpoint returning a Markdown link can trigger a target="_blank" native window interception in tabPresenter.ts, which forwards the malicious URL directly to shell.openExternal(url) and completely bypasses the isValidExternalUrl security boundary. This vulnerability is fixed in v1.0.4-beta.1.

CWE	CWE-20
Vendor	thinkinaixyz
Product	deepchat
Published	May 11, 2026
Last Updated	May 12, 2026

Stay Ahead of the Next One

Get instant alerts for thinkinaixyz deepchat

Be the first to know when new critical vulnerabilities affecting thinkinaixyz deepchat are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

ThinkInAIXYZ / deepchat

< 1.0.4-beta.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/ThinkInAIXYZ/deepchat/security/advisories/GHSA-cp8j-jx7q-7r5f