Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
The DeepAI endpoint 'https://api.deepai.org/change_user_email' accepts POST requests without any CSRF protection. If an attacker can trick a logged-in user into clicking a malicious link, the attacker can change the user's email address and take over their account. Fixed on 2026-05-20.
AnalysisAI
Cross-site request forgery in the DeepAI platform's account management API allows unauthenticated remote attackers to change an authenticated user's registered email address, enabling full account takeover. The POST endpoint at https://api.deepai.org/change_user_email accepts state-changing requests without any CSRF token or origin validation, meaning a browser will automatically include session credentials when the request is triggered from a third-party page. The vulnerability was fixed server-side on 2026-05-20 per the CVE description; no public exploit or CISA KEV listing is associated with this CVE at time of analysis.
Technical ContextAI
CWE-352 (Cross-Site Request Forgery) describes a class of vulnerabilities where a web application trusts requests that originate from an authenticated browser session without verifying that the user intentionally issued the request. In this case, the DeepAI API endpoint responsible for email address changes does not implement standard CSRF defenses - such as synchronizer tokens, SameSite cookie attributes, or custom request headers that cross-origin requests cannot set (e.g., X-Requested-With). Because browsers automatically attach cookies to cross-origin POST requests (unless the SameSite=Strict or SameSite=Lax cookie policy is enforced), an attacker-controlled page can silently issue a valid POST to the endpoint using the victim's live session. The CPE string cpe:2.3:a:deepai:api.deepai.org:*:*:*:*:*:*:*:* indicates all prior versions of the api.deepai.org service were affected, consistent with a server-side configuration gap rather than a versioned software release.
RemediationAI
The vendor applied a server-side fix on 2026-05-20, meaning users of the hosted api.deepai.org service are protected as of that date with no client-side action required - this is confirmed by the CVE description and corroborated by the CISA CSAF advisory (https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-152-01.json). Organizations using DeepAI API tokens in automated pipelines should audit account email addresses for unauthorized modifications that may have occurred prior to 2026-05-20. If running any self-hosted or on-premises derivative of the DeepAI API codebase, add CSRF token validation to the /change_user_email endpoint and enforce SameSite=Strict or SameSite=Lax on session cookies - noting that SameSite=Strict may break legitimate cross-site OAuth or redirect flows and should be tested before deployment. There is no exact patched software version number to cite, as the fix was applied directly to the live hosted service.
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33761
GHSA-h9m8-r5ff-p645