Wiz Research discovered a publicly accessible ClickHouse database owned by DeepSeek, granting full control over database operations and access to internal data. This exposure included over a million lines of log streams containing chat history, secret keys, backend details, and other highly sensitive information. The Wiz Research team promptly and responsibly reported the issue to DeepSeek, which swiftly secured the vulnerability.
