📄 DocsGPT 0.12.0 Remote Code Execution

DocsGPT version 0.12.0 suffers from a remote code execution vulnerability. Exploit Title: DocsGPT 0.12.0 - Remote Code Execution Date: 09/04/2025 Exploit Author: Shreyas Malhotra OSMSEC Vendor Homepage: https://github.com/arc53/docsgpt Software Link:...

CVE-2025-0868

A vulnerability, that could result in Remote Code Execution RCE, has been found in DocsGPT. Due to improper parsing of JSON data using eval an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0...

GHSA-9GFF-5V8W-X922 DocsGPT Allows Remote Code Execution

A vulnerability, that could result in Remote Code Execution RCE, has been found in DocsGPT. Due to improper parsing of JSON data using eval an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0...

CVE-2025-0868

A vulnerability, that could result in Remote Code Execution RCE, has been found in DocsGPT. Due to improper parsing of JSON data using eval an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint.. This issue affects DocsGPT: from 0.8.1 through 0.12.0...

CVE-2025-0868

DocsGPT (versions 0.8.1–0.12.0) contains a Remote Code Execution vulnerability caused by unsafe JSON parsing with eval() in the /api/remote endpoint. Unauthenticated, network-accessible attackers can inject arbitrary Python code, enabling full server compromise with high impact on confidentiality...