📄 Description (English)
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifacts API that allows attackers to execute arbitrary scripts by uploading malicious HTML or script content as artifacts. Attackers can store malicious content that executes in the browser context when users view artifacts, leading to session compromise, credential theft, and arbitrary script execution.
🤖 AI Executive Summary
CVE-2026-32859 is a stored XSS vulnerability in ByteDance Deer-Flow's artifacts API that allows attackers to inject malicious scripts through artifact uploads. When users view compromised artifacts, the scripts execute in their browser context, enabling session hijacking and credential theft. While currently unpatched and without public exploits, the vulnerability poses significant risk to organizations using Deer-Flow for collaborative workflows, particularly in government and enterprise environments.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: May 28, 2026 06:54
🇸🇦 Saudi Arabia Impact Assessment
Saudi government entities (NCA, CITC), financial institutions under SAMA oversight, and large enterprises using Deer-Flow for document collaboration face elevated risk. The vulnerability is particularly concerning for organizations handling sensitive government communications, financial data, and classified information. Banking sector exposure is moderate as Deer-Flow adoption in SAMA-regulated institutions appears limited. Healthcare and energy sectors using Deer-Flow for collaborative workflows are at risk of credential compromise affecting critical infrastructure access.
🏢 Affected Saudi Sectors
Government & Public Administration
Banking & Financial Services
Telecommunications
Healthcare
Energy & Utilities
Education
Enterprise Software Users
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
6.2
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:
1. Audit all Deer-Flow instances for deployment scope and user access patterns
2. Restrict artifact upload permissions to trusted users only; disable public artifact uploads
3. Implement Content Security Policy (CSP) headers with strict script-src directives
4. Monitor artifact access logs for suspicious viewing patterns
Compensating Controls:
5. Deploy Web Application Firewall (WAF) rules to detect and block script injection patterns in artifact uploads
6. Implement input validation to sanitize HTML/script content before storage
7. Use iframe sandboxing for artifact preview functionality
8. Enable browser security features: X-Frame-Options, X-Content-Type-Options headers
Detection Rules:
9. Alert on artifact uploads containing <script>, javascript:, onerror=, onload= patterns
10. Monitor for unusual artifact access from different geographic locations or IP ranges
11. Track session anomalies following artifact viewing events
Patching:
12. Upgrade to commit 5dbb362 or later when available; test in non-production environment first
13. Maintain inventory of Deer-Flow versions across organization
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. تدقيق جميع حالات Deer-Flow لنطاق النشر وأنماط وصول المستخدمين
2. تقييد أذونات تحميل الآثار للمستخدمين الموثوقين فقط؛ تعطيل تحميل الآثار العامة
3. تنفيذ رؤوس سياسة أمان المحتوى (CSP) مع توجيهات script-src صارمة
4. مراقبة سجلات وصول الآثار للأنماط المريبة
الضوابط التعويضية:
5. نشر قواعد جدار حماية تطبيقات الويب (WAF) للكشف عن أنماط حقن النصوص البرمجية وحجبها
6. تنفيذ التحقق من صحة المدخلات لتنظيف محتوى HTML/النصوص البرمجية قبل التخزين
7. استخدام عزل iframe لوظيفة معاينة الآثار
8. تفعيل ميزات أمان المتصفح: رؤوس X-Frame-Options و X-Content-Type-Options
قواعد الكشف:
9. تنبيهات عند تحميل آثار تحتوي على أنماط <script> أو javascript: أو onerror= أو onload=
10. مراقبة وصول الآثار غير العادي من مواقع جغرافية أو نطاقات IP مختلفة
11. تتبع شذوذ الجلسة بعد أحداث عرض الآثار
التصحيح:
12. الترقية إلى commit 5dbb362 أو إصدار أحدث عند توفره؛ اختبر في بيئة غير الإنتاج أولاً
13. الحفاظ على جرد إصدارات Deer-Flow عبر المنظمة
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.14.2.1 - Information security requirements for supplier relationships
ECC 2024 A.5.1.1 - Policies for information security
ECC 2024 A.14.2.5 - Supplier security incident management
🔵 SAMA CSF
ID.BE-1 - Business objectives and strategies
PR.AC-1 - Access control policy and procedures
PR.PT-1 - Security awareness and training
DE.CM-1 - The network is monitored for unauthorized connections
🟡 ISO 27001:2022
A.5.1 - Policies for information security
A.6.1 - Internal organization
A.8.1 - User endpoint devices
A.13.1 - Network security perimeter
A.14.2 - Supplier relationships
🟣 PCI DSS v4.0.1
Requirement 6.5.1 - Injection flaws prevention
Requirement 6.5.7 - Cross-site scripting prevention
Requirement 11.3 - Penetration testing
🔗 References & Sources 3
🔗
🔗
🔗
https://github.com/bytedance/deer-flow/commit/5dbb3623b2f0e490c8bb3cd81b1e3b1b12eae1a6
disclosure@vulncheck.com
https://github.com/bytedance/deer-flow/pull/1389
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/bytedance-deerflow-stored-xss-via-inline-artifact-...
disclosure@vulncheck.com