CVE-2026-43979
Status: Received - Intake
Local Deep Research PDF Export HTML Injection Leading to SSRF

Publication date: 2026-05-28

Last updated on: 2026-05-28

Assigner: GitHub, Inc.

Description
Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService._markdown_to_html() constructs an HTML document by interpolating user-controlled values, specifically title (sourced from research.title or research.query) and metadata key-value pairs, directly into an f-string without any HTML escaping. An authenticated attacker can craft a research query containing HTML special characters to inject arbitrary HTML tags into the document processed by WeasyPrint during PDF export. This injection can be chained to trigger a Server-Side Request Forgery (SSRF), bypassing the application's existing SSRF defenses in ssrf_validator.py. This vulnerability is fixed in 1.6.0.
Meta Information
Published: 2026-05-28
Last Modified: 2026-05-28
Generated: 2026-05-29
AI Q&A: 2026-05-28
EPSS Evaluated: N/A
Affected Vendors & Products
2 associated CPEs

Vendor               Product              Version / Range
local_deep_research  local_deep_research  up to 1.6.0 (1.6.0 excluded)
learningcircuit      local_deep_research  1.6.0
CWE ID   Name and description
CWE-79   Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'): the product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-918  Server-Side Request Forgery (SSRF): the web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-43979 is a vulnerability in the local-deep-research software's PDF export functionality where user-controlled inputs such as research titles and metadata are directly inserted into HTML without proper escaping. This allows an authenticated attacker to inject arbitrary HTML tags into the generated PDF document.

The injected HTML can include elements such as <img> or <link>, whose src or href URLs WeasyPrint fetches while laying out the document. Because that fetch is made by the server, over a path that does not pass through the application's existing SSRF checks in ssrf_validator.py, the attacker can direct it at internal or external resources, turning the injection into a Server-Side Request Forgery (SSRF).

This vulnerability arises because the function constructing the HTML document interpolates user input into an f-string without escaping special HTML characters, enabling injection attacks.

The issue was fixed in version 1.6.0 by applying proper HTML escaping to all user-controlled inputs and implementing a safe URL fetcher that validates URLs before allowing outbound requests during PDF generation.
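The pattern described above, as an added example that is not code from the Local Deep Research project: a template that interpolates a user-controlled title and metadata into an f-string, the same template with html.escape applied, and a check that lists the resource-fetching tags each output contains. Function names, the HTML skeleton and the crafted title and metadata are constructed for illustration, and 127.0.0.1:9 is a placeholder target.

```python
"""Vulnerable vs. hardened assembly of the HTML handed to a PDF renderer.

Added example, not code from Local Deep Research: the function names, the
HTML skeleton and the sample inputs are constructed to show the pattern the
advisory describes (user-controlled title and metadata interpolated into an
f-string without escaping), not copied from the affected release.
"""
import html
import re

# Constructed attacker-controlled inputs. The research query doubles as the
# document title, so markup in it lands in the <h1>; the metadata value
# carries a stylesheet reference. 127.0.0.1:9 is a placeholder target.
CRAFTED_TITLE = 'Quarterly review <img src="http://127.0.0.1:9/probe.png">'
CRAFTED_METADATA = {
    "Query": 'review <link rel="stylesheet" href="http://127.0.0.1:9/x.css">',
    "Mode": "detailed",
}
# Body already rendered from Markdown by a trusted step (constructed).
RENDERED_BODY = "<p>Findings go here.</p>"

# Tags that make WeasyPrint (or any HTML-to-PDF engine) fetch a URL.
FETCHING_TAG_RE = re.compile(r"<\s*(img|link|iframe|object|embed)\b", re.IGNORECASE)


def build_html_vulnerable(title: str, metadata: dict, body_html: str) -> str:
    """The pre-1.6.0 pattern: raw interpolation, so '<' in inputs becomes markup."""
    rows = "".join(f"<tr><th>{k}</th><td>{v}</td></tr>" for k, v in metadata.items())
    return (
        "<!DOCTYPE html><html><head><meta charset='utf-8'></head><body>"
        f"<h1>{title}</h1><table>{rows}</table>{body_html}"
        "</body></html>"
    )


def build_html_hardened(title: str, metadata: dict, body_html: str) -> str:
    """Same template with every user-controlled value escaped for HTML text.

    quote=True also escapes ' and ", so the function stays safe if a later
    edit moves a value into an attribute such as <h1 title="...">.
    """
    def esc(value) -> str:
        return html.escape(str(value), quote=True)

    rows = "".join(f"<tr><th>{esc(k)}</th><td>{esc(v)}</td></tr>"
                   for k, v in metadata.items())
    return (
        "<!DOCTYPE html><html><head><meta charset='utf-8'></head><body>"
        f"<h1>{esc(title)}</h1><table>{rows}</table>{body_html}"
        "</body></html>"
    )


def fetching_tags(document: str) -> list:
    """Lower-cased names of resource-fetching tags present in the document.

    The template itself emits none, so anything returned came from user input.
    """
    return [m.group(1).lower() for m in FETCHING_TAG_RE.finditer(document)]


def demo() -> dict:
    vulnerable = build_html_vulnerable(CRAFTED_TITLE, CRAFTED_METADATA, RENDERED_BODY)
    hardened = build_html_hardened(CRAFTED_TITLE, CRAFTED_METADATA, RENDERED_BODY)
    return {
        "vulnerable_fetches": fetching_tags(vulnerable),   # ['img', 'link']
        "hardened_fetches": fetching_tags(hardened),       # []
        "title_escaped": "&lt;img src=&quot;" in hardened,  # True
    }


if __name__ == "__main__":
    print(demo())
```

Escaping alone closes the injection, but only for the values the template interpolates; the body produced by the Markdown renderer is a separate trust decision, and the URL fetcher used by WeasyPrint is the second line of defence the advisory mentions.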


How can this vulnerability impact me?

This vulnerability can impact you by allowing an authenticated attacker to inject malicious HTML into PDF documents generated by the application, potentially leading to several security issues.

  • Server-Side Request Forgery (SSRF): The attacker can cause the server to make unauthorized HTTP requests to internal services such as cloud metadata endpoints, private networks, or localhost interfaces, potentially exposing sensitive data.
  • Denial of Service (DoS): injected markup can break the structure of the document WeasyPrint renders, so PDF exports fail or the renderer errors out.
  • Visual Content Forgery or Spoofing: External stylesheets or malicious content can be loaded into the PDF, misleading users or forging document appearance.

The vulnerability affects all PDF export operations and can be exploited by any authenticated user without elevated privileges.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves identifying if the local-deep-research software is running a version prior to 1.6.0 and if it processes PDF exports with user-controlled inputs that are not properly escaped.

Since the vulnerability allows HTML injection and SSRF via crafted research queries, monitoring for unusual outbound HTTP requests during PDF generation or inspecting logs for suspicious HTML content in research titles or metadata can help detect exploitation attempts.

The vulnerability record itself gives no detection commands; practical checks include:

  • Confirming the installed version is older than 1.6.0, for example with pip show local-deep-research (assuming the tool was installed from PyPI under that distribution name) or by checking the version shown in the application.
  • Capturing outbound connections from the server while a PDF export runs, for example tcpdump -nn -i any 'tcp and (dst net 10.0.0.0/8 or dst net 172.16.0.0/12 or dst net 192.168.0.0/16 or dst host 169.254.169.254 or dst host 127.0.0.1)', and treating any hit that coincides with an export as suspicious.
  • Reviewing application logs for research queries or titles containing HTML special characters or tag-like syntax, since the query becomes the document title.
  • Exercising the PDF export with a test query whose title contains a harmless tag pointing at a host you control, and checking whether that host receives a request and whether the tag appears escaped in the generated PDF.

What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade the local-deep-research software to version 1.6.0 or later, where the vulnerability has been fixed.

Version 1.6.0 includes proper HTML escaping of user-controlled inputs in PDF generation and a safe URL fetcher that validates URLs before fetching, preventing SSRF attacks.
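The page says 1.6.0 adds a safe URL fetcher but does not show it, so the following is an added example of one sound design, not the project's own code: a url_fetcher for WeasyPrint that resolves the host itself, accepts only globally routable addresses, and only then delegates to WeasyPrint's default_url_fetcher (a real WeasyPrint API; every other function name, the fake resolver and the hostnames in the demo are constructed).

```python
"""Allowlisting url_fetcher for WeasyPrint: injected <img>/<link> URLs must
not reach loopback, link-local (cloud metadata) or private address ranges.

Added example, not the project's code. The design (resolve first, accept
only public addresses, then delegate to WeasyPrint's default_url_fetcher)
and every helper name and hostname below are ours.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # add "data" only if inline images are needed


def is_public_address(text: str) -> bool:
    """True only for a globally routable unicast address.

    IPv4-mapped IPv6 (::ffff:127.0.0.1) is unwrapped so the embedded IPv4
    address is what gets judged; a scope suffix (fe80::1%eth0) is dropped.
    """
    ip = ipaddress.ip_address(text.split("%", 1)[0])
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not (
        ip.is_private or ip.is_loopback or ip.is_link_local
        or ip.is_multicast or ip.is_reserved or ip.is_unspecified
    )


def resolve_all(host: str, port: int, resolver=socket.getaddrinfo) -> list:
    """All addresses for host as strings; an IP literal resolves to itself."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass
    infos = resolver(host, port, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def validate_fetch_url(url: str, resolver=socket.getaddrinfo) -> str:
    """Return url if every address it resolves to is public; else raise ValueError."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme {scheme!r} not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    if parts.username or parts.password:
        raise ValueError("credentials in URL not allowed")
    port = parts.port or (443 if scheme == "https" else 80)
    try:
        addresses = resolve_all(host, port, resolver)
    except socket.gaierror as exc:
        raise ValueError(f"{host!r} does not resolve: {exc}") from None
    if not addresses:
        raise ValueError(f"{host!r} returned no addresses")
    for addr in addresses:  # one non-public answer rejects the whole name
        if not is_public_address(addr):
            raise ValueError(f"{host!r} resolves to non-public address {addr}")
    return url


def safe_url_fetcher(url: str, timeout: float = 10, ssl_context=None) -> dict:
    """Drop-in for HTML(string=doc, url_fetcher=safe_url_fetcher).write_pdf().

    WeasyPrint treats an exception here as a failed resource: it logs it and
    renders without that image or stylesheet. The import is lazy so the
    validator above runs (and is tested) without WeasyPrint installed.
    """
    validate_fetch_url(url)
    from weasyprint import default_url_fetcher
    return default_url_fetcher(url, timeout=timeout, ssl_context=ssl_context)


def check_urls(urls, resolver=socket.getaddrinfo) -> dict:
    """Map each URL to 'ok' or its rejection reason."""
    results = {}
    for url in urls:
        try:
            validate_fetch_url(url, resolver)
            results[url] = "ok"
        except ValueError as exc:
            results[url] = str(exc)
    return results


def fake_resolver(table: dict):
    """Offline stand-in for socket.getaddrinfo built from a constructed host table."""
    def resolver(host, port, proto=0):
        if host not in table:
            raise socket.gaierror(f"no such host {host!r}")
        return [(socket.AF_INET, socket.SOCK_STREAM, proto, "", (a, port)) for a in table[host]]
    return resolver


# Constructed DNS answers: a plain CDN name and one that also points into the LAN.
DEMO_TABLE = {"cdn.example.org": ["93.184.216.34"],
              "rebind.example.org": ["93.184.216.34", "10.0.0.5"]}
DEMO_URLS = ["https://cdn.example.org/style.css", "https://rebind.example.org/logo.png",
             "http://127.0.0.1:9/probe", "http://169.254.169.254/latest/meta-data/",
             "http://[::ffff:127.0.0.1]/", "file:///etc/passwd"]

if __name__ == "__main__":
    for url, verdict in check_urls(DEMO_URLS, fake_resolver(DEMO_TABLE)).items():
        print(f"{verdict:<55} {url}")
```

Two caveats a reviewer would raise against this design. First, the resolution here and the one WeasyPrint performs when it connects are separate lookups, so a name that changes its answer between them (DNS rebinding) can still slip through; connecting to the validated address yourself closes that gap. Second, default_url_fetcher follows HTTP redirects, and the redirect target is never passed back through the validator, so a public host can bounce the renderer to an internal one; a stricter fetcher performs the request itself with redirects disabled, or re-validates each hop.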

Until the upgrade can be applied, consider restricting access to the PDF export functionality to trusted users only and monitoring for suspicious outbound network activity.

Additionally, review and harden any custom PDF generation code to ensure all user inputs are properly sanitized and escaped.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

CVE-2026-43979 allows an authenticated attacker to inject arbitrary HTML into PDF exports and trigger Server-Side Request Forgery (SSRF) attacks, potentially exposing internal services and sensitive data.

Such vulnerabilities can lead to unauthorized access or disclosure of sensitive information, which may violate data protection regulations like GDPR or HIPAA that require safeguarding personal and sensitive data against unauthorized access.

The ability to perform SSRF attacks and inject malicious content could result in data breaches or unauthorized data exposure, impacting compliance with these standards.

Therefore, organizations using affected versions of Local Deep Research prior to 1.6.0 should upgrade promptly to mitigate risks and maintain compliance with relevant security and privacy regulations.

