Lucene search
K

9 matches found

EUVD
EUVD
added 2026/04/06 9:31 a.m.6 views

EUVD-2026-19190

A vulnerability was determined in assafelovic gpt-researcher up to 3.4.3. Affected is an unknown function of the component ws Endpoint. Executing a manipulation of the argument sourceurls can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/06 8:11 a.m.4 views

Arbitrary Code Injection

Overview gpt-researcher is a GPT Researcher is an autonomous agent designed for comprehensive web research on any task Affected versions of this package are vulnerable to Arbitrary Code Injection in the extractcommanddata function of the /ws endpoint. An attacker can execute arbitrary code by...

7.5CVSS6.3AI score0.00311EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/06 7:0 a.m.3 views

CVE-2026-5633 assafelovic gpt-researcher ws Endpoint server-side request forgery

A vulnerability was determined in assafelovic gpt-researcher up to 3.4.3. Affected is an unknown function of the component ws Endpoint. Executing a manipulation of the argument sourceurls can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:0 a.m.3 views

CVE-2026-5633

A vulnerability was determined in assafelovic gpt-researcher up to 3.4.3. Affected is an unknown function of the component ws Endpoint. Executing a manipulation of the argument sourceurls can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/06 6:30 a.m.2 views

CVE-2026-5631

A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extractcommanddata of the file backend/server/serverutils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote. T...

7.5CVSS6.7AI score0.00311EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 6:30 a.m.3 views

CVE-2026-5631 assafelovic gpt-researcher ws Endpoint server_utils.py extract_command_data code injection

A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extractcommanddata of the file backend/server/serverutils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote. T...

7.5CVSS6.7AI score0.00311EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/16 6:46 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization through the WebSocket session handling in kernel/util/websocket.go. An attacker can connect to the /ws endpoint and receive real-time document metadata and activity events by using the special id=auth WebSocket...

7.5CVSS5.8AI score0.00361EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2009/05/18 8:28 p.m.7 views

OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)

Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to cause a denial of service probably resource consumption for a JAX-WS service endpoint via a connection without...

5CVSS6.1AI score0.03584EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/03/26 4:3 p.m.8 views

OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)

Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to cause a denial of service probably resource consumption for a JAX-WS service endpoint via a connection without...

5CVSS6.1AI score0.03584EPSS
Exploits0References4
Rows per page
Query Builder