📄 Description (English)
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collection_router.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance.
🤖 AI Executive Summary
CVE-2026-11466 is a medium-severity improper access control vulnerability in Zilliz Deep-Searcher versions up to 0.0.2, affecting the CollectionRouter.invoke function. The vulnerability allows remote attackers to manipulate kwargs arguments to bypass access controls. While no public exploit is currently available and patches are pending, the vulnerability poses a moderate risk to organizations using this AI/ML framework for data retrieval and search operations.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: Jun 8, 2026 02:19
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi organizations in the financial technology, healthcare analytics, and government data intelligence sectors that utilize Zilliz Deep-Searcher for AI-powered search and data retrieval. Banks and fintech companies using this framework for customer data analysis face unauthorized access risks. Government agencies (NCA, CITC) and healthcare providers leveraging AI-driven search capabilities are at moderate risk. The vulnerability could lead to unauthorized access to sensitive collections and data exfiltration, particularly concerning for organizations handling PII and financial records subject to SAMA and NCA regulations.
🏢 Affected Saudi Sectors
Financial Technology and Banking
Government and Public Administration
Healthcare and Medical Research
Energy and Utilities
Telecommunications
E-commerce and Retail
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
5.8
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:
1. Inventory all systems running Zilliz Deep-Searcher versions 0.0.2 and earlier
2. Restrict network access to CollectionRouter endpoints using firewall rules and WAF policies
3. Implement API authentication and authorization checks at the application layer
4. Monitor access logs for suspicious kwargs manipulation patterns
Patching Guidance:
1. Monitor the official Zilliz GitHub repository for merged pull requests addressing this issue
2. Upgrade to version 0.0.3 or later once available and tested
3. Apply security patches immediately upon release
Compensating Controls:
1. Implement strict input validation and sanitization for all kwargs parameters
2. Deploy Web Application Firewall (WAF) rules to detect and block malicious kwargs patterns
3. Enable comprehensive audit logging for all CollectionRouter.invoke calls
4. Implement role-based access control (RBAC) at the application level
5. Use API gateways with request inspection capabilities
Detection Rules:
1. Monitor for unusual kwargs parameter values in CollectionRouter.invoke calls
2. Alert on access attempts to collections by unauthorized users
3. Track failed authentication attempts to collection endpoints
4. Flag requests with suspicious parameter manipulation patterns
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. حصر جميع الأنظمة التي تقوم بتشغيل Zilliz Deep-Searcher الإصدارات 0.0.2 والإصدارات الأقدم
2. تقييد الوصول إلى شبكة نقاط نهاية CollectionRouter باستخدام قواعد جدار الحماية وسياسات WAF
3. تنفيذ فحوصات المصادقة والتفويض على مستوى التطبيق
4. مراقبة سجلات الوصول للأنماط المريبة في معالجة kwargs
إرشادات التصحيح:
1. مراقبة مستودع Zilliz الرسمي على GitHub لطلبات السحب المدمجة التي تعالج هذه المشكلة
2. الترقية إلى الإصدار 0.0.3 أو أحدث بمجرد توفره واختباره
3. تطبيق تصحيحات الأمان فوراً عند إصدارها
عناصر التحكم البديلة:
1. تنفيذ التحقق من صحة المدخلات والتطهير الصارم لجميع معاملات kwargs
2. نشر قواعد Web Application Firewall (WAF) للكشف عن أنماط kwargs الضارة وحجبها
3. تفعيل تسجيل التدقيق الشامل لجميع استدعاءات CollectionRouter.invoke
4. تنفيذ التحكم في الوصول القائم على الأدوار (RBAC) على مستوى التطبيق
5. استخدام بوابات API مع قدرات فحص الطلبات
قواعد الكشف:
1. مراقبة قيم معاملات kwargs غير العادية في استدعاءات CollectionRouter.invoke
2. التنبيه على محاولات الوصول إلى المجموعات من قبل مستخدمين غير مصرح لهم
3. تتبع محاولات المصادقة الفاشلة لنقاط نهاية المجموعة
4. وضع علامة على الطلبات ذات أنماط معالجة المعاملات المريبة
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.5.1.1 - Access Control Policy
ECC 2024 A.5.2.1 - User Registration and Access Rights Management
ECC 2024 A.5.3.1 - Management of Privileged Access Rights
ECC 2024 A.6.1.2 - Segregation of Duties
🔵 SAMA CSF
SAMA CSF 2.1 - Access Control and Authentication
SAMA CSF 2.2 - Authorization and Privilege Management
SAMA CSF 3.1 - Audit Logging and Monitoring
🟡 ISO 27001:2022
ISO 27001:2022 A.5.2 - User Access Management
ISO 27001:2022 A.5.3 - Access Control
ISO 27001:2022 A.8.1 - User Endpoint Devices
ISO 27001:2022 A.8.3 - Access Control
🟣 PCI DSS v4.0.1
PCI DSS 2.1 - Default Security Parameters
PCI DSS 7.1 - Limit Access to System Components
PCI DSS 7.2 - Establish Access Control Measures
🔗 References & Sources 7
🔗
🔗
🔗
🔗
🔗
🔗
🔗
https://github.com/zilliztech/deep-searcher/
cna@vuldb.com
https://github.com/zilliztech/deep-searcher/issues/267
cna@vuldb.com
https://github.com/zilliztech/deep-searcher/pull/268
cna@vuldb.com
https://vuldb.com/cve/CVE-2026-11466
cna@vuldb.com
https://vuldb.com/submit/833652
cna@vuldb.com
https://vuldb.com/vuln/369086
cna@vuldb.com
https://vuldb.com/vuln/369086/cti
cna@vuldb.com