
deep-searcher | EUVD-2026-34997 | CVE-2026-11466
Severity: LOW, 2.1 (CVSS 4.0, NVD)
Weakness: Improper Access Control (CWE-284)
Published: 2026-06-07
Sources: VulDB, GHSA-43px-gpwc-q84v

Severity by source

NVD (primary): 2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD; NVD is the only source scoring this CVE.

CVSS Vector (NVD), metric by metric

Attack Vector: Network (AV:N)
Attack Complexity: Low (AC:L)
Attack Requirements: None (AT:N)
Privileges Required: Low (PR:L)
User Interaction: None (UI:N)
Vulnerable System Impact: Confidentiality Low (VC:L), Integrity None (VI:N), Availability Low (VA:L)
Subsequent System Impact: None (SC:N / SI:N / SA:N)
Exploit Maturity: Proof-of-Concept (E:P)
Environmental and Supplemental metrics: not defined (all X)
Scope: not a CVSS 4.0 metric (the "X" shown here is a placeholder); downstream effect is expressed by the Subsequent System metrics above instead

Lifecycle Timeline (4 events, newest first)

Jun 07, 2026 23:29, vuln.today: Source Code Evidence Fetched
Jun 07, 2026 23:29, vuln.today: Analysis Generated
Jun 07, 2026 23:22, NVD: Severity Changed, MEDIUM → LOW
Jun 07, 2026 23:22, NVD: CVSS changed, 5.4 (MEDIUM) → 2.1 (LOW)

Description (CVE.org)

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collection_router.py. Manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance.

Analysis (AI-generated)

Improper access control in zilliztech deep-searcher up to version 0.0.2 lets an authenticated remote attacker bypass collection-level authorization in the vector database layer. CollectionRouter.invoke in collection_router.py lists and queries every vector database collection without filtering by the caller's authorized scope, so a low-privileged user can retrieve data from collections they should not be able to read. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

Access: Authenticate with a low-privilege account
Delivery: Send a query to CollectionRouter.invoke
Exploit: No collection authorization filter is applied, so the query is not restricted to the caller's collections
Execution: Receive results from unauthorized vector collections
Impact: Exfiltrate cross-tenant or restricted data

Vulnerability Assessment (AI-generated)

Exploitation: Exploitation requires a valid low-privilege account on the deep-searcher instance (PR:L in the CVSS vector). …

Risk Assessment: The CVSS 4.0 base score of 2.1 reflects a limited base impact: PR:L requires the attacker to already hold a valid (low-privilege) account, and the impact metrics VC:L/VI:N/VA:L indicate partial confidentiality disclosure and a minor availability effect, confined to the vulnerable component with no subsequent-system impact (SC:N/SI:N/SA:N). For a multi-tenant deployment the base score understates the exposure: the cross-tenant read in the exploit scenario is exactly what the environmental confidentiality requirement (CR) exists to capture, so score it locally rather than triaging on 2.1 alone. …

Exploit Scenario: An authenticated low-privilege user of a multi-tenant deep-searcher deployment sends a query to the CollectionRouter.invoke endpoint without any authorized_collection_set restriction. Because the pre-fix code calls list_collections unconditionally, the router evaluates and returns results from all vector database collections, including those belonging to other tenants or to restricted namespaces. …

Remediation: An upstream fix is proposed in GitHub pull request #268 (https://github.com/zilliztech/deep-searcher/pull/268). At the time of analysis it had not been merged or released in a tagged version, so the status is: upstream fix available as a PR/commit; released patched version not independently confirmed. Organizations running deep-searcher should watch PR #268 for a merge and, after reviewing the diff, apply the patched commit or cherry-pick its changes rather than wait for a release. …
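The authorization gap described in the exploit scenario, as an added illustration in Python (not deep-searcher's own code): a toy vector store with three collections, a router in the pre-fix shape that calls list_collections unconditionally and queries everything it gets back, and a hardened router that intersects the listed collections with the caller's authorized_collection_set and denies by default. ToyVectorDB, the collection names, the route_vulnerable/route_fixed functions, the audit helper and the dict-shaped result are assumptions for this example; only the identifiers CollectionRouter.invoke, list_collections and authorized_collection_set come from the advisory text, and the real project's signature and routing logic are not reproduced here.

```python
# Added illustration, not deep-searcher's code. ToyVectorDB, the collection
# names, route_vulnerable/route_fixed and their result shape are assumptions;
# only the identifiers list_collections and authorized_collection_set come
# from the advisory text.
from dataclasses import dataclass


@dataclass(frozen=True)
class Collection:
    name: str
    description: str


class ToyVectorDB:
    """Stand-in for the vector database layer holding several tenants' collections."""

    def __init__(self, collections):
        self._collections = {c.name: c for c in collections}

    def list_collections(self):
        # Mirrors the unconditional listing the advisory describes: every
        # collection in the store, with no notion of who is asking.
        return list(self._collections.values())

    def search(self, collection_name, query):
        # Constructed result: only record which collection answered.
        return f"{collection_name} matched {query!r}"


# Constructed sample data: two tenants plus a restricted namespace.
DB = ToyVectorDB([
    Collection("tenant_a_docs", "Tenant A internal documents"),
    Collection("tenant_b_docs", "Tenant B internal documents"),
    Collection("hr_restricted", "HR records, restricted"),
])


def route_vulnerable(db, query, **kwargs):
    """Pre-fix shape: list_collections() is called unconditionally and every
    collection is queried. Whatever the caller passes in kwargs, including an
    authorized_collection_set, never narrows the candidate list."""
    candidates = [c.name for c in db.list_collections()]
    return {name: db.search(name, query) for name in candidates}


def route_fixed(db, query, authorized_collection_set=None, **kwargs):
    """Hardened shape: deny by default, then keep only the listed collections
    the caller is authorized for. A missing or empty set yields nothing, so an
    omitted restriction can never widen into "all collections"."""
    if not authorized_collection_set:
        return {}
    allowed = set(authorized_collection_set)
    candidates = [c.name for c in db.list_collections() if c.name in allowed]
    return {name: db.search(name, query) for name in candidates}


def unauthorized_collections_reached(db, query, authorized_collection_set, router):
    """Audit helper: which collections did `router` query that the caller was
    not authorized for? An empty list means the router enforced the scope."""
    reached = set(router(db, query, authorized_collection_set=authorized_collection_set))
    return sorted(reached - set(authorized_collection_set))


if __name__ == "__main__":
    tenant_a = {"tenant_a_docs"}
    print("vulnerable router leaks:", unauthorized_collections_reached(DB, "salary", tenant_a, route_vulnerable))
    print("fixed router leaks:     ", unauthorized_collections_reached(DB, "salary", tenant_a, route_fixed))
```

The audit helper is the check to keep: run every router entry point with a deliberately narrow authorized set and assert that nothing outside it is queried. The hardened router also treats a missing set as "no access" rather than "all access", which is the failure mode the exploit scenario relies on.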

EUVD-2026-34997 vulnerability details – vuln.today
