PT-2026-28445 · Bytedance · Deer-Flow
Published: 2026-03-27 · Updated: 2026-05-12 · CVE-2026-32859
CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
ByteDance Deer-Flow versions prior to commit 5dbb362
Description
The software contains a stored cross-site scripting (XSS) issue in the artifacts API. An attacker can upload malicious HTML or script content as an artifact. When a user views that artifact, the content executes as arbitrary script in the user's browser, potentially leading to session compromise and credential theft.
Recommendations
Update to commit 5dbb362 or later.
Fix
XSS
Affected Products
Deer-Flow