CVE-2025-67743 | LearningCircuit local-deep-research up to 1.3.8 Download Service download_service.py requests.get server-side request forgery (GHSA-9c54-gxh7-ppjc / EUVD-2025-204778)

A vulnerability was found in LearningCircuit local-deep-research up to 1.3.8. It has been rated as critical. The affected element is the function requests.get of the file download_service.py of the component Download Service. Performing manipulation results in server-side request forgery.

This vulnerability is reported as CVE-2025-67743. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More