Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (VulnCheck) · only source for this CVE.
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new_ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /{full_path:path} endpoint. Attackers can bypass Starlette's path normalization by encoding slashes as %2F and dots as %2E%2E, causing the joined path to traverse outside FRONTEND_DIST and exposing sensitive files such as SSH private keys, TLS certificates, and application secrets with a single HTTP request.
AnalysisAI
{full_path:path} in new_ui/backend/main.py. Publicly available exploit code exists (referenced in HKUDS/DeepCode issue #126 and a VulnCheck advisory), making opportunistic exploitation realistic against exposed instances. No CISA KEV listing or EPSS data was provided, but the combination of no authentication, low complexity, and a single-request exploit places this at a high operational priority for any exposed deployment.
Technical ContextAI
DeepCode's new UI backend is built on Starlette (or a Starlette-based framework such as FastAPI), which serves a single-page application via a catch-all path parameter route GET /{full_path:path}. The handler joins the user-supplied path with the FRONTEND_DIST static directory before reading and returning the file. The root cause is CWE-22 (Improper Limitation of a Pathname to a Restricted Directory): while Starlette normalizes literal '../' segments, it does not decode percent-encoded variants before applying that check, so values like %2E%2E%2F survive normalization and are later decoded and joined as real directory traversal sequences. The affected component is identified in CPE data as cpe:2.3:a:hkuds:deepcode (all versions up to commit c991dc2).
RemediationAI
Upstream fix available (referenced via the HKUDS/DeepCode issue tracker at https://github.com/HKUDS/DeepCode/issues/126); a released patched version is not independently confirmed in the input data, so operators should pull the latest commit beyond c991dc2 once a merged fix lands and verify the catch-all handler decodes and canonicalizes the path before joining it with FRONTEND_DIST. As a compensating control until a tagged patch is available, place DeepCode behind a reverse proxy (nginx, Caddy, or an API gateway) that rejects requests whose decoded path contains '..' or whose raw URI contains %2E%2E or %2F outside the expected static asset prefix; this blocks the exploit but may also break legitimate SPA routes that rely on encoded characters. Additionally, restrict the DeepCode service to trusted networks via firewall or authenticated ingress, and rotate any SSH keys, TLS certificates, and application secrets that were readable by the DeepCode process user, since prior exposure cannot be ruled out. Refer to the VulnCheck advisory at https://www.vulncheck.com/advisories/deepcode-path-traversal-via-spa-catch-all-route-in-main-py for the authoritative technical details.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33008
GHSA-2vjv-m9hw-qvjf