VYPR

Deepcode

by Hkuds

Source repositories

CVEs (1)

  • CVE-2026-32847HigMay 28, 2026
    risk 0.49cvss 7.5epss 0.00

    DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new_ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /{full_path:path} endpoint. Attackers…