CVE-2025-57806
BaseFortify
Publication date: 2025-09-03
Last updated on: 2025-09-04
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| learningcircuit | local_deep_research | 0.6.7 |
| learningcircuit | local_deep_research | 1.0.0 |
| learningcircuit | local_deep_research | 0.2.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-522 | The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. |
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Local Deep Research versions 0.2.0 through 0.6.7 involves storing confidential information, including API keys, unencrypted in a local SQLite database. The database location was fixed and not configurable, so anyone with access to the container or host filesystem could access the plaintext .db file and retrieve sensitive data. This lack of encryption and configurability exposed sensitive information to unauthorized local access. The issue was fixed in version 1.0.0 by encrypting the database, making its location configurable, and improving how API keys are handled. [1]
How can this vulnerability impact me?
If an attacker or unauthorized user gains access to the container or host filesystem where Local Deep Research is running, they can retrieve the unencrypted SQLite database file and extract sensitive information such as API keys and confidential data stored in plaintext. This can lead to unauthorized use of API keys, data breaches, and potential compromise of connected services. The vulnerability requires local access but does not require special privileges or user interaction. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability negatively impacts compliance with standards like GDPR and HIPAA because it involves storing sensitive information, including API keys and potentially personal data, in plaintext without encryption. Such insecure storage increases the risk of unauthorized data access and breaches, which are violations of data protection requirements under these regulations. Proper encryption and access controls are required to protect sensitive data, and the vulnerability represents a failure to meet these security obligations. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if your system or container hosts a Local Deep Research SQLite database file (.db) from versions 0.2.0 through 0.6.7 that stores sensitive information unencrypted. You can look for the presence of the database file in the container or host filesystem and inspect its contents. For example, you can use commands like `find / -name '*.db'` to locate database files and then use `sqlite3 <database_file> 'SELECT * FROM <table_name>;'` to inspect the data stored in the database. If API keys or confidential information are visible in plaintext, the system is vulnerable. [1]
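The check described above can be scripted so that it does not depend on file extensions and never prints stored values. The following is an added example, not code from the original page or from the Local Deep Research project: it flags files that carry the standard plaintext SQLite header (a SQLCipher-encrypted file has no such header by default), reports their permission bits, and lists columns whose names suggest credentials. The `SECRET_HINT` pattern, the sample file names and the `settings` table are assumptions constructed for the demonstration.

```python
import re
import sqlite3
import stat
import tempfile
from pathlib import Path

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of every unencrypted SQLite file
SECRET_HINT = re.compile(r"key|token|secret|passw", re.I)  # naming heuristic (assumption)
COLUMNS_SQL = ("SELECT m.name, p.name FROM sqlite_master AS m "
               "JOIN pragma_table_info(m.name) AS p WHERE m.type = 'table'")

def secret_like_columns(path):
    """Return 'table.column' names matching SECRET_HINT; reads schema only, never row values."""
    try:
        con = sqlite3.connect(path.resolve().as_uri() + "?mode=ro", uri=True)
        try:
            rows = con.execute(COLUMNS_SQL).fetchall()
        finally:
            con.close()
    except sqlite3.Error:
        return []
    return sorted(f"{t}.{c}" for t, c in rows if SECRET_HINT.search(f"{t}.{c}"))

def audit(root):
    """Report every file under root that still carries the plaintext SQLite header."""
    findings = []
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        with open(path, "rb") as fh:
            if fh.read(16) != SQLITE_MAGIC:
                continue  # not SQLite, or encrypted (no recognizable header)
        mode = stat.S_IMODE(path.stat().st_mode)
        findings.append({"path": str(path), "mode": oct(mode),
                         "group_or_world_readable": bool(mode & (stat.S_IRGRP | stat.S_IROTH)),
                         "secret_like_columns": secret_like_columns(path)})
    return findings

def build_sample(root):
    """Constructed test data: one plaintext DB and one opaque file standing in for an encrypted DB."""
    plain = Path(root) / "sample_plain.db"
    con = sqlite3.connect(plain, isolation_level=None)  # autocommit
    con.execute("CREATE TABLE settings (name TEXT, api_key TEXT)")
    con.close()
    plain.chmod(0o644)
    (Path(root) / "sample_opaque.db").write_bytes(bytes(range(255, -1, -1)) * 16)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(*audit(tmp), sep="\n")
```

To audit a real deployment, call `audit()` on the application's data directory as a user who can read it; any finding with a non-empty `secret_like_columns` list on a pre-1.0.0 install warrants rotating the keys it holds.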
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Local Deep Research to version 1.0.0 or later, which implements per-user encrypted databases using SQLCipher with AES-256 encryption, makes the database location configurable, and requires authentication for API access. Additionally, restrict access to the container or host filesystem to prevent unauthorized users from accessing the SQLite database files. If upgrading immediately is not possible, consider moving API keys to environment variables as supported in earlier versions and securing filesystem permissions to limit access. [1, 2]