Search
Find a vulnerability
Search criteria
8 vulnerabilities found for docsgpt by arc53
CVE-2026-13483 (GCVE-0-2026-13483)
Vulnerability from nvd – Published: 2026-06-28 05:45 – Updated: 2026-06-29 13:01
VLAI
Title
arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity
Summary
A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/374480 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/374480/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-13483 | third-party-advisory |
| https://vuldb.com/submit/837646 | third-party-advisory |
| https://github.com/arc53/DocsGPT/issues/2503 | exploitissue-tracking |
| https://github.com/arc53/DocsGPT/pull/2331 | issue-trackingpatch |
| https://github.com/arc53/DocsGPT/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| arc53 | DocsGPT |
Affected:
0.1
Affected: 0.2 Affected: 0.3 Affected: 0.4 Affected: 0.5 Affected: 0.6 Affected: 0.7 Affected: 0.8 Affected: 0.9 Affected: 0.10 Affected: 0.11 Affected: 0.12 Affected: 0.13 Affected: 0.14 Affected: 0.15 Affected: 0.16 Affected: 0.17 Affected: 0.18.0 cpe:2.3:a:arc53:docsgpt:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-13483",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T13:01:31.061832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T13:01:38.042Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:arc53:docsgpt:*:*:*:*:*:*:*:*"
],
"modules": [
"Credential Storage"
],
"product": "DocsGPT",
"vendor": "arc53",
"versions": [
{
"status": "affected",
"version": "0.1"
},
{
"status": "affected",
"version": "0.2"
},
{
"status": "affected",
"version": "0.3"
},
{
"status": "affected",
"version": "0.4"
},
{
"status": "affected",
"version": "0.5"
},
{
"status": "affected",
"version": "0.6"
},
{
"status": "affected",
"version": "0.7"
},
{
"status": "affected",
"version": "0.8"
},
{
"status": "affected",
"version": "0.9"
},
{
"status": "affected",
"version": "0.10"
},
{
"status": "affected",
"version": "0.11"
},
{
"status": "affected",
"version": "0.12"
},
{
"status": "affected",
"version": "0.13"
},
{
"status": "affected",
"version": "0.14"
},
{
"status": "affected",
"version": "0.15"
},
{
"status": "affected",
"version": "0.16"
},
{
"status": "affected",
"version": "0.17"
},
{
"status": "affected",
"version": "0.18.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem00 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-28T05:45:08.860Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-374480 | arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/374480"
},
{
"name": "VDB-374480 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/374480/cti"
},
{
"name": "CVE-2026-13483 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-13483"
},
{
"name": "Submit #837646 | arc53 DocsGPT Development branch before PR #2331; verified against local main commit 06e827573cac6ad3b445ffea0fb08169071c1b50. Fixed for newly CWE-345: Insufficient Verification of Data Authenticity",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/837646"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/arc53/DocsGPT/issues/2503"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/arc53/DocsGPT/pull/2331"
},
{
"tags": [
"product"
],
"url": "https://github.com/arc53/DocsGPT/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-27T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-27T17:07:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-13483",
"datePublished": "2026-06-28T05:45:08.860Z",
"dateReserved": "2026-06-27T15:02:53.995Z",
"dateUpdated": "2026-06-29T13:01:38.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26015 (GCVE-0-2026-26015)
Vulnerability from nvd – Published: 2026-04-29 17:37 – Updated: 2026-05-06 19:43
VLAI
Title
Unauthenticated RCE in DocsGPT MCP STDIO Configuration
Summary
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the "MCP test" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
4 references
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26015",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-30T13:03:22.221448Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T13:03:55.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-gcrq-f296-2j74"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-06T19:43:48.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/"
},
{
"url": "https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "DocsGPT",
"vendor": "arc53",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.15.0, \u003c 0.16.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the \"MCP test\" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T17:37:25.524Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-gcrq-f296-2j74",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-gcrq-f296-2j74"
},
{
"name": "https://github.com/arc53/DocsGPT/releases/tag/0.16.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/arc53/DocsGPT/releases/tag/0.16.0"
}
],
"source": {
"advisory": "GHSA-gcrq-f296-2j74",
"discovery": "UNKNOWN"
},
"title": "Unauthenticated RCE in DocsGPT MCP STDIO Configuration"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-26015",
"datePublished": "2026-04-29T17:37:25.524Z",
"dateReserved": "2026-02-09T21:36:29.554Z",
"dateUpdated": "2026-05-06T19:43:48.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0868 (GCVE-0-2025-0868)
Vulnerability from nvd – Published: 2025-02-20 11:26 – Updated: 2025-10-03 08:56
VLAI
KEVIntel
Title
Remote Code Execution in DocsGPT
Summary
A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint..
This issue affects DocsGPT: from 0.8.1 through 0.12.0.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/02/CVE-2025-0868/ | third-party-advisory |
| https://cert.pl/posts/2025/02/CVE-2025-0868/ | third-party-advisory |
| https://github.com/arc53/DocsGPT | product |
Impacted products
Date Public
2025-02-20 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T14:15:08.297948Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T14:15:43.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DocsGPT",
"repo": "https://github.com/arc53/DocsGPT",
"vendor": "Arc53",
"versions": [
{
"lessThanOrEqual": "0.12.0",
"status": "affected",
"version": "0.8.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Eryk Winiarz"
}
],
"datePublic": "2025-02-20T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint\u003cspan style=\"background-color: var(--wht);\"\u003e..\u003c/span\u003e\u003c/p\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects DocsGPT: from 0.8.1 through 0.12.0.\u003c/span\u003e"
}
],
"value": "A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint..\n\nThis issue affects DocsGPT: from 0.8.1 through 0.12.0."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-95",
"description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-03T08:56:10.028Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/02/CVE-2025-0868/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2025/02/CVE-2025-0868/"
},
{
"tags": [
"product"
],
"url": "https://github.com/arc53/DocsGPT"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Remote Code Execution in DocsGPT",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-0868",
"datePublished": "2025-02-20T11:26:11.784Z",
"dateReserved": "2025-01-30T08:24:34.707Z",
"dateUpdated": "2025-10-03T08:56:10.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31451 (GCVE-0-2024-31451)
Vulnerability from nvd – Published: 2024-04-16 14:28 – Updated: 2024-08-02 01:52
VLAI
Title
Limited file write in routes.py (GHSL-2023-250)
Summary
DocsGPT is a GPT-powered chat for documentation. DocsGPT is vulnerable to unauthenticated limited file write in routes.py. This vulnerability is fixed in 0.8.1.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/arc53/DocsGPT/security/advisor… | x_refsource_CONFIRM |
| https://github.com/arc53/DocsGPT/commit/d36f58230… | x_refsource_MISC |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:arc53:docsgpt:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "docsgpt",
"vendor": "arc53",
"versions": [
{
"lessThan": "0.8.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T13:26:49.894447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:36:24.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:52:56.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp"
},
{
"name": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DocsGPT",
"vendor": "arc53",
"versions": [
{
"status": "affected",
"version": "\u003c 0.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DocsGPT is a GPT-powered chat for documentation. DocsGPT is vulnerable to unauthenticated limited file write in routes.py. This vulnerability is fixed in 0.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T16:16:04.273Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp"
},
{
"name": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT",
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT"
}
],
"source": {
"advisory": "GHSA-p5qc-vj2x-9rjp",
"discovery": "UNKNOWN"
},
"title": "Limited file write in routes.py (GHSL-2023-250)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-31451",
"datePublished": "2024-04-16T14:28:11.435Z",
"dateReserved": "2024-04-03T17:55:32.646Z",
"dateUpdated": "2024-08-02T01:52:56.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-13483 (GCVE-0-2026-13483)
Vulnerability from cvelistv5 – Published: 2026-06-28 05:45 – Updated: 2026-06-29 13:01
VLAI
Title
arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity
Summary
A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/374480 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/374480/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-13483 | third-party-advisory |
| https://vuldb.com/submit/837646 | third-party-advisory |
| https://github.com/arc53/DocsGPT/issues/2503 | exploitissue-tracking |
| https://github.com/arc53/DocsGPT/pull/2331 | issue-trackingpatch |
| https://github.com/arc53/DocsGPT/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| arc53 | DocsGPT |
Affected:
0.1
Affected: 0.2 Affected: 0.3 Affected: 0.4 Affected: 0.5 Affected: 0.6 Affected: 0.7 Affected: 0.8 Affected: 0.9 Affected: 0.10 Affected: 0.11 Affected: 0.12 Affected: 0.13 Affected: 0.14 Affected: 0.15 Affected: 0.16 Affected: 0.17 Affected: 0.18.0 cpe:2.3:a:arc53:docsgpt:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-13483",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T13:01:31.061832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T13:01:38.042Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:arc53:docsgpt:*:*:*:*:*:*:*:*"
],
"modules": [
"Credential Storage"
],
"product": "DocsGPT",
"vendor": "arc53",
"versions": [
{
"status": "affected",
"version": "0.1"
},
{
"status": "affected",
"version": "0.2"
},
{
"status": "affected",
"version": "0.3"
},
{
"status": "affected",
"version": "0.4"
},
{
"status": "affected",
"version": "0.5"
},
{
"status": "affected",
"version": "0.6"
},
{
"status": "affected",
"version": "0.7"
},
{
"status": "affected",
"version": "0.8"
},
{
"status": "affected",
"version": "0.9"
},
{
"status": "affected",
"version": "0.10"
},
{
"status": "affected",
"version": "0.11"
},
{
"status": "affected",
"version": "0.12"
},
{
"status": "affected",
"version": "0.13"
},
{
"status": "affected",
"version": "0.14"
},
{
"status": "affected",
"version": "0.15"
},
{
"status": "affected",
"version": "0.16"
},
{
"status": "affected",
"version": "0.17"
},
{
"status": "affected",
"version": "0.18.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem00 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-28T05:45:08.860Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-374480 | arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/374480"
},
{
"name": "VDB-374480 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/374480/cti"
},
{
"name": "CVE-2026-13483 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-13483"
},
{
"name": "Submit #837646 | arc53 DocsGPT Development branch before PR #2331; verified against local main commit 06e827573cac6ad3b445ffea0fb08169071c1b50. Fixed for newly CWE-345: Insufficient Verification of Data Authenticity",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/837646"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/arc53/DocsGPT/issues/2503"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/arc53/DocsGPT/pull/2331"
},
{
"tags": [
"product"
],
"url": "https://github.com/arc53/DocsGPT/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-27T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-27T17:07:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-13483",
"datePublished": "2026-06-28T05:45:08.860Z",
"dateReserved": "2026-06-27T15:02:53.995Z",
"dateUpdated": "2026-06-29T13:01:38.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26015 (GCVE-0-2026-26015)
Vulnerability from cvelistv5 – Published: 2026-04-29 17:37 – Updated: 2026-05-06 19:43
VLAI
Title
Unauthenticated RCE in DocsGPT MCP STDIO Configuration
Summary
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the "MCP test" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
4 references
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26015",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-30T13:03:22.221448Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T13:03:55.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-gcrq-f296-2j74"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-06T19:43:48.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/"
},
{
"url": "https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "DocsGPT",
"vendor": "arc53",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.15.0, \u003c 0.16.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the \"MCP test\" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T17:37:25.524Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-gcrq-f296-2j74",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-gcrq-f296-2j74"
},
{
"name": "https://github.com/arc53/DocsGPT/releases/tag/0.16.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/arc53/DocsGPT/releases/tag/0.16.0"
}
],
"source": {
"advisory": "GHSA-gcrq-f296-2j74",
"discovery": "UNKNOWN"
},
"title": "Unauthenticated RCE in DocsGPT MCP STDIO Configuration"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-26015",
"datePublished": "2026-04-29T17:37:25.524Z",
"dateReserved": "2026-02-09T21:36:29.554Z",
"dateUpdated": "2026-05-06T19:43:48.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0868 (GCVE-0-2025-0868)
Vulnerability from cvelistv5 – Published: 2025-02-20 11:26 – Updated: 2025-10-03 08:56
VLAI
KEVIntel
Title
Remote Code Execution in DocsGPT
Summary
A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint..
This issue affects DocsGPT: from 0.8.1 through 0.12.0.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/02/CVE-2025-0868/ | third-party-advisory |
| https://cert.pl/posts/2025/02/CVE-2025-0868/ | third-party-advisory |
| https://github.com/arc53/DocsGPT | product |
Impacted products
Date Public
2025-02-20 11:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T14:15:08.297948Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T14:15:43.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DocsGPT",
"repo": "https://github.com/arc53/DocsGPT",
"vendor": "Arc53",
"versions": [
{
"lessThanOrEqual": "0.12.0",
"status": "affected",
"version": "0.8.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Eryk Winiarz"
}
],
"datePublic": "2025-02-20T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint\u003cspan style=\"background-color: var(--wht);\"\u003e..\u003c/span\u003e\u003c/p\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects DocsGPT: from 0.8.1 through 0.12.0.\u003c/span\u003e"
}
],
"value": "A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint..\n\nThis issue affects DocsGPT: from 0.8.1 through 0.12.0."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-95",
"description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-03T08:56:10.028Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/02/CVE-2025-0868/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2025/02/CVE-2025-0868/"
},
{
"tags": [
"product"
],
"url": "https://github.com/arc53/DocsGPT"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Remote Code Execution in DocsGPT",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-0868",
"datePublished": "2025-02-20T11:26:11.784Z",
"dateReserved": "2025-01-30T08:24:34.707Z",
"dateUpdated": "2025-10-03T08:56:10.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31451 (GCVE-0-2024-31451)
Vulnerability from cvelistv5 – Published: 2024-04-16 14:28 – Updated: 2024-08-02 01:52
VLAI
Title
Limited file write in routes.py (GHSL-2023-250)
Summary
DocsGPT is a GPT-powered chat for documentation. DocsGPT is vulnerable to unauthenticated limited file write in routes.py. This vulnerability is fixed in 0.8.1.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/arc53/DocsGPT/security/advisor… | x_refsource_CONFIRM |
| https://github.com/arc53/DocsGPT/commit/d36f58230… | x_refsource_MISC |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:arc53:docsgpt:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "docsgpt",
"vendor": "arc53",
"versions": [
{
"lessThan": "0.8.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T13:26:49.894447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:36:24.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:52:56.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp"
},
{
"name": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DocsGPT",
"vendor": "arc53",
"versions": [
{
"status": "affected",
"version": "\u003c 0.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DocsGPT is a GPT-powered chat for documentation. DocsGPT is vulnerable to unauthenticated limited file write in routes.py. This vulnerability is fixed in 0.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T16:16:04.273Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/arc53/DocsGPT/security/advisories/GHSA-p5qc-vj2x-9rjp"
},
{
"name": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/arc53/DocsGPT/commit/d36f58230a326ecacb9c32a4ae8eac65666044f2"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT",
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2023-250_DocsGPT"
}
],
"source": {
"advisory": "GHSA-p5qc-vj2x-9rjp",
"discovery": "UNKNOWN"
},
"title": "Limited file write in routes.py (GHSL-2023-250)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-31451",
"datePublished": "2024-04-16T14:28:11.435Z",
"dateReserved": "2024-04-03T17:55:32.646Z",
"dateUpdated": "2024-08-02T01:52:56.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}