{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5631", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-05T19:12:42.697Z", "datePublished": "2026-04-06T06:30:14.722Z", "dateUpdated": "2026-04-06T14:49:37.041Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-06T06:30:14.722Z"}, "title": "assafelovic gpt-researcher ws Endpoint server_utils.py extract_command_data code injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "Code Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "assafelovic", "product": "gpt-researcher", "versions": [{"version": "3.4.0", "status": "affected"}, {"version": "3.4.1", "status": "affected"}, {"version": "3.4.2", "status": "affected"}, {"version": "3.4.3", "status": "affected"}], "modules": ["ws Endpoint"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract_command_data of the file backend/server/server_utils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-05T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-05T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-05T21:17:56.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yu-Bao (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355419", "name": "VDB-355419 | assafelovic gpt-researcher ws Endpoint server_utils.py extract_command_data code injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355419/cti", "name": "VDB-355419 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/785858", "name": "Submit #785858 | assafelovic gpt-researcher 3.4.3 Unauthenticated Remote Code Execution", "tags": ["third-party-advisory"]}, {"url": "https://github.com/assafelovic/gpt-researcher/issues/1694", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/assafelovic/gpt-researcher/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T14:46:28.889913Z", "id": "CVE-2026-5631", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T14:49:37.041Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5631", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T14:46:28.889913Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T14:46:29.877Z"}}], "cna": {"title": "assafelovic gpt-researcher ws Endpoint server_utils.py extract_command_data code injection", "credits": [{"lang": "en", "type": "reporter", "value": "Yu-Bao (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "assafelovic", "modules": ["ws Endpoint"], "product": "gpt-researcher", "versions": [{"status": "affected", "version": "3.4.0"}, {"status": "affected", "version": "3.4.1"}, {"status": "affected", "version": "3.4.2"}, {"status": "affected", "version": "3.4.3"}]}], "timeline": [{"lang": "en", "time": "2026-04-05T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-05T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-05T21:17:56.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/355419", "name": "VDB-355419 | assafelovic gpt-researcher ws Endpoint server_utils.py extract_command_data code injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355419/cti", "name": "VDB-355419 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/785858", "name": "Submit #785858 | assafelovic gpt-researcher 3.4.3 Unauthenticated Remote Code Execution", "tags": ["third-party-advisory"]}, {"url": "https://github.com/assafelovic/gpt-researcher/issues/1694", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/assafelovic/gpt-researcher/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract_command_data of the file backend/server/server_utils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "Code Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-06T06:30:14.722Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5631", "state": "PUBLISHED", "dateUpdated": "2026-04-06T14:49:37.041Z", "dateReserved": "2026-04-05T19:12:42.697Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-06T06:30:14.722Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract_command_data of the file backend/server/server_utils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "id": "CVE-2026-5631", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-06T07:16:01.983", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/assafelovic/gpt-researcher/"}, {"source": "cna@vuldb.com", "url": "https://github.com/assafelovic/gpt-researcher/issues/1694"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/785858"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355419"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355419/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-94"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.3"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "gpt-researcher", "source": "cna", "vendor": "assafelovic"}, "product": "gpt-researcher", "vendor": "assafelovic"}], "analysis": {"en": {"generated_at": "2026-04-06T10:21:16.503318+00:00", "value": {"mitigation_remediation": ["Update to a version newer than 3.4.3 once released by the vendor.", "If an update is not yet available, disable or remove the vulnerable websocket endpoint from the deployment.", "Monitor logs for unusual command execution patterns and network traffic indicating attempts to exploit the extraction routine.", "Contact the maintainer to request an expedited fix or advisory on interim hardening measures."], "summary": {"action": "Assess Impact", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects versions of assafelovic's gpt-researcher up to and including 3.4.3. No later releases are confirmed to be fixed in the provided data.", "description_and_impact": "A flaw in the function that extracts command data from arguments in the backend server of the gpt-researcher application allows a malicious actor to inject arbitrary code. The injection occurs when attacker-controlled input is passed to the server endpoint, resulting in execution of unintended commands. This could compromise the confidentiality, integrity, and availability of the host system.", "risk_and_exploitability": "The CVSS base score of 6.9 indicates a significant risk level. Though no EPSS score is available and the flaw is not listed in CISA's KEV catalog, the public disclosure and the ability to trigger the issue from a remote source suggest that an attacker could exploit the flaw without local privileges. The attack likely requires sending crafted payloads to the websocket endpoint\u2019s extract_command_data function, which the application currently sanitizes inadequately. Without an official patch, the risk remains present until mitigation steps are applied."}}}}, "created": "2026-04-06T20:15:01.099459+00:00", "updated": "2026-04-06T21:47:18.002625+00:00", "vendors": ["assafelovic", "assafelovic$PRODUCT$gpt-researcher"]}