Executive Summary

CVE-2026-45310 is a Server-Side Request Forgery (SSRF) vulnerability in the fetch_url tool of the deepseek-tui package. The tool initially checks the IP address of a URL against a restricted IP blocklist to prevent access to internal services such as cloud metadata endpoints, localhost, or private networks. However, when the HTTP client automatically follows up to 5 redirects, it does not re-validate the IP addresses of the redirected URLs against the blocklist. This allows an attacker to craft a public URL that redirects to a restricted internal IP, bypassing the SSRF protections.

An attacker can exploit this by embedding a malicious URL in a file or web content that the model processes and passes to fetch_url. The tool then follows the redirect to the restricted IP, potentially exposing sensitive internal data.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can allow attackers to bypass IP restrictions and access internal services that should be protected, such as cloud metadata endpoints. Exploiting this can lead to exposure of sensitive information like cloud IAM credentials or instance metadata.

Because the vulnerability has a high severity score (7.4) with a network attack vector and no required privileges, it poses a significant risk of unauthorized data disclosure if exploited.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves the fetch_url tool following HTTP redirects without re-validating the redirected IP address against a restricted IP blocklist, enabling SSRF attacks. Detection involves monitoring for unusual HTTP redirect behavior or requests to internal IP addresses such as localhost or cloud metadata endpoints (e.g., 169.254.169.254) originating from the fetch_url tool or the deepseek-tui package.

You can detect potential exploitation by capturing network traffic and inspecting HTTP requests and redirects for suspicious patterns. For example, using tools like tcpdump or Wireshark to monitor outgoing HTTP requests from the affected system.

• Use tcpdump to capture HTTP traffic: tcpdump -i <interface> -A 'tcp port 80 or 443'
• Use curl with verbose output to test URL redirects and observe if redirects lead to restricted IPs: curl -v <URL>
• Check logs of the deepseek-tui or fetch_url tool for requests to internal IP addresses or unexpected redirects.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation is to upgrade the deepseek-tui package, specifically the CodeWhale fetch_url tool, to version 0.8.22 or later, where the vulnerability is fixed by re-validating redirect targets against the restricted IP blocklist.

Until the upgrade can be applied, consider restricting network access from the affected system to internal IP ranges and cloud metadata endpoints to prevent SSRF exploitation via redirects.

Additionally, monitor and audit usage of the fetch_url tool to detect suspicious activity and avoid processing untrusted URLs that could trigger SSRF.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability CVE-2026-45310 is a Server-Side Request Forgery (SSRF) issue that can lead to unauthorized access to sensitive internal services such as cloud metadata endpoints. This can potentially expose sensitive data like cloud IAM credentials or instance metadata.

Exposure of such sensitive information could impact compliance with data protection standards and regulations like GDPR and HIPAA, which require safeguarding sensitive and personal data against unauthorized access or disclosure.

However, the provided information does not explicitly discuss the direct impact of this vulnerability on compliance with these standards or any regulatory requirements.

Useful 0 Not Useful 0