High github · GHSA-88gh-2526-gfrr

DeepSeek TUI has SSRF IPv6 bypass

Published May 14, 2026 CVSS 7.4

Summary

Although the SSRF check validates hostnames that resolve to private IPv6 addresses, the defenses do not work when the IPv6 address is given directly in the URL, as in http://[::1].

Details

https://github.com/Hmbown/DeepSeek-TUI/blob/15f62e3e93d842f30b428877819ebc1c8cb96814/crates/tui/src/tools/fetch_url.rs#L321
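
A sketch of a literal-address check that covers the bracketed form described in the Summary. It is an added example, not code from DeepSeek-TUI; the function names (host_of, v4_internal, v6_internal, refuse_literal), the hand-rolled URL splitting and the sample URLs are assumptions made for illustration. It goes beyond the loopback case to IPv4-mapped, unique-local and link-local IPv6 literals.

```rust
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};

// Host of an http(s) URL, with the brackets of an IPv6 literal removed.
// Hand-rolled for this example; real code would take the host from a URL library.
fn host_of(url: &str) -> Option<&str> {
    let rest = url.strip_prefix("http://").or_else(|| url.strip_prefix("https://"))?;
    let authority = rest.split(|c: char| matches!(c, '/' | '?' | '#')).next()?;
    let hostport = authority.rsplit('@').next()?; // drop any userinfo
    if let Some(inner) = hostport.strip_prefix('[') {
        return inner.split_once(']').map(|(host, _port)| host); // None if unterminated
    }
    hostport.split(':').next()
}

fn v4_internal(ip: Ipv4Addr) -> bool {
    ip.is_loopback() || ip.is_private() || ip.is_link_local() || ip.is_unspecified()
}

fn v6_internal(ip: Ipv6Addr) -> bool {
    // ::ffff:a.b.c.d is judged by the IPv4 address it embeds.
    if let Some(v4) = ip.to_ipv4_mapped() {
        return v4_internal(v4);
    }
    let first = ip.segments()[0];
    ip.is_loopback()                    // ::1
        || ip.is_unspecified()          // ::
        || (first & 0xfe00) == 0xfc00   // fc00::/7 unique local
        || (first & 0xffc0) == 0xfe80   // fe80::/10 link-local
}

// true = refuse the fetch. Covers IP literals only: a hostname returns false
// here and still needs each resolved address run through the same predicates.
pub fn refuse_literal(url: &str) -> bool {
    let Some(host) = host_of(url) else { return true }; // fail closed
    match host.parse::<IpAddr>() {
        Ok(IpAddr::V4(v4)) => v4_internal(v4),
        Ok(IpAddr::V6(v6)) => v6_internal(v6),
        Err(_) => host.contains(':'), // bracketed but not a valid address: refuse
    }
}

fn main() {
    // Constructed sample URLs.
    for u in ["http://[::1]", "http://[::ffff:127.0.0.1]/", "http://[2001:db8::1]/"] {
        println!("{u} -> refuse={}", refuse_literal(u));
    }
}
```

The same predicates should also be applied to the address the HTTP client actually connects to, including after redirects, so that the literal check and the resolved-address check cannot disagree.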

PoC

Prompt: Run fetch_url tool and give output, no thinking. Use url : http://[::1]

Impact

Access to local restricted resources

Affected AI Products

deepseek