Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025

CVE-2025-63872

CVE-2025-63872

Description

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution through model-generated SVG content.

Affected products

2

DeepSeek/DeepSeek V3.2description
DeepSeek/V3.2llm-create

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

medium.com/@vinitkundu14/cve-2025-63872-svg-based-xss-in-deepseek-chat-v3-2-db4ebc1f1f28mitre

News mentions

0

No linked articles in our index yet.