Executive Summary

CVE-2026-5000 is a critical security vulnerability in the localGPT product by PromtEngineer that affects all API endpoints due to a complete lack of authentication and authorization mechanisms.

The vulnerability exists because the backend API, specifically in the file backend/server.py, does not perform any authentication or authorization checks on HTTP methods such as GET, POST, and DELETE. This means any attacker can remotely access and manipulate sessions and messages without needing credentials.

• Unauthenticated attackers can list all sessions, retrieve messages, create new sessions and messages, and delete any session.
• Sessions are identified by UUIDs that can be enumerated or brute-forced, facilitating unauthorized access.
• The server's CORS policy is misconfigured to allow all origins, methods, and headers, increasing the risk of cross-origin attacks.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can have severe impacts including complete data disclosure, full data modification, and deletion capabilities by attackers.

• Attackers can steal sensitive data such as database credentials, API keys, customer personally identifiable information (PII), and proprietary business information.
• Attackers can delete sessions causing data loss and disrupt availability.
• The vulnerability allows lateral movement by attackers using stolen credentials and API keys to compromise further network and cloud resources.
• There is a risk of regulatory fines, legal fees, forensic costs, reputation damage, economic losses, and potential criminal liability.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability causes violations of multiple compliance standards and regulations including GDPR, CCPA, PCI DSS, HIPAA, and SOC 2.

Because it allows unauthorized access to sensitive personal and business data, it exposes organizations to regulatory fines that can reach up to €20 million, legal consequences, and increased forensic and remediation costs.

Failure to secure authentication and authorization mechanisms as required by these standards can lead to non-compliance and significant penalties.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by attempting unauthenticated HTTP requests to the API endpoints of the localGPT product, specifically targeting session management endpoints such as /sessions and /sessions/{id}.

For example, using curl commands to check if authentication is missing and unauthorized access is possible:

• List all sessions without authentication: curl -X GET http://<target>/sessions
• Retrieve messages of a specific session without authentication: curl -X GET http://<target>/sessions/<session_id>
• Attempt to create a new session without authentication: curl -X POST http://<target>/sessions -d '{}'
• Attempt to delete a session without authentication: curl -X DELETE http://<target>/sessions/<session_id>

If these commands succeed without requiring authentication, it indicates the presence of the vulnerability.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include implementing strong authentication and authorization mechanisms on all API endpoints.

• Implement JWT-based authentication with token expiration and secret keys.
• Add middleware or decorators to enforce authentication checks on all HTTP methods (GET, POST, DELETE).
• Add authorization checks to verify session ownership before allowing access or modification.
• Restrict session listing and message access to only the authenticated user's own sessions.
• Secure database queries to include user ownership verification.
• Fix CORS policy by restricting allowed origins, methods, and headers to trusted domains.

This vulnerability is critical and marked as P0 priority, requiring deployment of fixes within 24 hours to prevent trivial exploitation.

Useful 0 Not Useful 0