CVE-2025-57806 is a medium-severity vulnerability affecting versions 0.2.0 through 0.6.7 of LearningCircuit's local-deep-research, an AI-powered research assistant designed for deep iterative research tasks. The vulnerability arises from the cleartext storage of sensitive information, including API keys, within a local SQLite database file. This database is stored without encryption and its location is fixed, with no user-configurable option to relocate it. Consequently, any individual with access to the container or host filesystem can directly access the .db file and extract confidential data in plaintext. The issue stems from CWE-312 (Cleartext Storage of Sensitive Information) and CWE-522 (Insufficiently Protected Credentials). The vulnerability was not clearly documented outside of the database architecture page, potentially leading to unawareness among users about the risk. The flaw was addressed and fixed in version 1.0.0 of the software. The CVSS 4.0 base score is 6.9, reflecting a medium severity level, with an attack vector limited to local access (AV:L), low attack complexity (AC:L), no privileges or user interaction required (PR:N, UI:N), and a high impact on confidentiality (VC:H) but no impact on integrity or availability. No known exploits are currently reported in the wild.

For European organizations using local-deep-research versions prior to 1.0.0, this vulnerability poses a significant risk to the confidentiality of sensitive information, particularly API keys that could grant unauthorized access to external services or internal resources. Since the vulnerability requires local or container-level access, the primary threat vector is insider threats or attackers who have already compromised the host environment. The exposure of API keys can lead to further lateral movement, data exfiltration, or abuse of cloud services, potentially resulting in financial loss, reputational damage, and regulatory non-compliance under GDPR due to inadequate protection of sensitive data. Organizations relying on this tool for research involving confidential or proprietary data may face increased risk of intellectual property theft or leakage. The lack of encryption and fixed database location exacerbates the risk, as attackers do not need to bypass additional security controls to retrieve sensitive data. However, the absence of remote exploitability limits the threat to environments where attackers have already gained some level of access.

European organizations should immediately upgrade local-deep-research to version 1.0.0 or later, where the vulnerability has been fixed. Until upgrade is possible, organizations should restrict access to the host filesystem and container environments to trusted personnel only, implementing strict access controls and monitoring for unauthorized access attempts. Encrypting the underlying storage volume or filesystem where the SQLite database resides can provide an additional layer of protection. Organizations should also consider isolating the application within hardened containers with minimal privileges and use host-based intrusion detection systems to alert on suspicious file access. Reviewing and rotating any API keys stored in affected versions is critical to prevent misuse. Additionally, organizations should request or implement configuration options to allow relocation of the database file to more secure locations and advocate for encryption of sensitive data at rest in future software versions. Finally, conducting regular audits of container and host security posture will help detect potential exposures early.