{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5633", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-05T19:12:48.549Z", "datePublished": "2026-04-06T07:00:19.658Z", "dateUpdated": "2026-04-06T12:25:13.754Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-06T07:00:19.658Z"}, "title": "assafelovic gpt-researcher ws Endpoint server-side request forgery", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-918", "lang": "en", "description": "Server-Side Request Forgery"}]}], "affected": [{"vendor": "assafelovic", "product": "gpt-researcher", "versions": [{"version": "3.4.0", "status": "affected"}, {"version": "3.4.1", "status": "affected"}, {"version": "3.4.2", "status": "affected"}, {"version": "3.4.3", "status": "affected"}], "modules": ["ws Endpoint"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in assafelovic gpt-researcher up to 3.4.3. Affected is an unknown function of the component ws Endpoint. Executing a manipulation of the argument source_urls can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-05T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-05T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-05T21:18:02.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yu-Bao (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355421", "name": "VDB-355421 | assafelovic gpt-researcher ws Endpoint server-side request forgery", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355421/cti", "name": "VDB-355421 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/785876", "name": "Submit #785876 | assafelovic gpt-researcher 3.4.3 Unauthenticated Server-Side Request Forgery (SSRF)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/assafelovic/gpt-researcher/issues/1696", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/assafelovic/gpt-researcher/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T12:13:50.726245Z", "id": "CVE-2026-5633", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T12:25:13.754Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5633", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T12:13:50.726245Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T12:25:06.450Z"}}], "cna": {"title": "assafelovic gpt-researcher ws Endpoint server-side request forgery", "credits": [{"lang": "en", "type": "reporter", "value": "Yu-Bao (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "assafelovic", "modules": ["ws Endpoint"], "product": "gpt-researcher", "versions": [{"status": "affected", "version": "3.4.0"}, {"status": "affected", "version": "3.4.1"}, {"status": "affected", "version": "3.4.2"}, {"status": "affected", "version": "3.4.3"}]}], "timeline": [{"lang": "en", "time": "2026-04-05T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-05T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-05T21:18:02.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/355421", "name": "VDB-355421 | assafelovic gpt-researcher ws Endpoint server-side request forgery", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355421/cti", "name": "VDB-355421 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/785876", "name": "Submit #785876 | assafelovic gpt-researcher 3.4.3 Unauthenticated Server-Side Request Forgery (SSRF)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/assafelovic/gpt-researcher/issues/1696", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/assafelovic/gpt-researcher/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in assafelovic gpt-researcher up to 3.4.3. Affected is an unknown function of the component ws Endpoint. Executing a manipulation of the argument source_urls can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "Server-Side Request Forgery"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-06T07:00:19.658Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5633", "state": "PUBLISHED", "dateUpdated": "2026-04-06T12:25:13.754Z", "dateReserved": "2026-04-05T19:12:48.549Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-06T07:00:19.658Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in assafelovic gpt-researcher up to 3.4.3. Affected is an unknown function of the component ws Endpoint. Executing a manipulation of the argument source_urls can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."}], "id": "CVE-2026-5633", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-06T08:16:39.487", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/assafelovic/gpt-researcher/"}, {"source": "cna@vuldb.com", "url": "https://github.com/assafelovic/gpt-researcher/issues/1696"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/785876"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355421"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355421/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.4.3"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "gpt-researcher", "source": "cna", "vendor": "assafelovic"}, "product": "gpt-researcher", "vendor": "assafelovic"}], "analysis": {"en": {"generated_at": "2026-04-06T10:50:20.807758+00:00", "value": {"mitigation_remediation": ["Upgrade gpt\u2011researcher to the latest release once a fix is published", "Disable or restrict the ws endpoint to trusted IP ranges if an upgrade cannot be performed immediately", "Validate source_urls to allow only whitelisted domains and schemes, rejecting relative or disallowed protocols", "Monitor outbound traffic from gpt\u2011researcher for unexpected external requests and set up alerts", "Continuously check the GitHub repository and issue tracker for updates or community workarounds"], "summary": {"action": "Apply Patch", "impact": "Server\u2011Side Request Forgery"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the open\u2011source gpt\u2011researcher utility maintained under assafelovic. Versions up to 3.4.3 are vulnerable; newer releases have not been confirmed to contain a fix. The tool is often deployed in research environments that expose the ws endpoint.", "description_and_impact": "The flaw in the ws endpoint of gpt\u2011researcher allows an attacker to control the source_urls parameter, causing the server to send HTTP requests to arbitrary destinations. This can lead to unauthorized data access, credential theft, or reconnaissance against internal services. The problem is identified as a server\u2011side request forgery (CWE\u2011918).", "risk_and_exploitability": "The CVSS score of 6.9 indicates moderate severity; no public EPSS score is available, and the issue is not listed in CISA's Known Exploited Vulnerabilities catalog. Nonetheless, the flaw can be triggered remotely through crafted source_urls without authentication, making exposed deployments susceptible to compromise."}}}}, "created": "2026-04-06T20:14:59.183737+00:00", "updated": "2026-04-06T21:47:16.090771+00:00", "vendors": ["assafelovic", "assafelovic$PRODUCT$gpt-researcher"]}