CVE-2026-5632
Received Received - Intake
Authentication Bypass in assafelovic gpt-researcher HTTP API

Publication date: 2026-04-06

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-06
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-5632
EUVD
EUVD-2026-19188
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
assafelovic gpt_researcher to 3.4.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-5632 is a critical security vulnerability in GPT Researcher (versions up to 3.4.3) caused by the complete absence of authentication and authorization mechanisms across all HTTP REST API endpoints and the WebSocket interface.

This flaw allows any unauthenticated network user to access and manipulate sensitive functions such as file upload, deletion, research task generation, report access, chat, and WebSocket connections.

The server binds to all network interfaces (0.0.0.0), exposing the application to the entire network without any authentication middleware, API key validation, session management, or authorization checks.

No security libraries or constructs are used, and default deployment instructions do not implement any authentication, making the application fully exposed to unauthorized access.

Impact Analysis

This vulnerability can lead to severe impacts including unauthorized data access and manipulation.

  • Data theft of all research reports.
  • Arbitrary file deletion causing data loss.
  • Financial loss due to unlimited triggering of costly large language model API calls.
  • Denial of service through resource exhaustion.
  • Server-side configuration manipulation via the WebSocket interface affecting all users.
Detection Guidance

This vulnerability can be detected by checking if the GPT Researcher HTTP REST API endpoints and WebSocket interface are accessible without authentication. Since the server binds to all network interfaces (0.0.0.0) and exposes all critical endpoints without any authentication or authorization, you can attempt to access these endpoints directly to verify the vulnerability.

  • Use curl or similar HTTP clients to send requests to critical endpoints such as GET /api/reports, POST /upload/, DELETE /files/{filename}, or GET /outputs/ to see if they respond without authentication.
  • Example commands to test unauthenticated access:
  • curl -v http://<target-ip>:<port>/api/reports
  • curl -v -X POST http://<target-ip>:<port>/upload/ -F '[email protected]'
  • curl -v -X DELETE http://<target-ip>:<port>/files/test.txt
  • curl -v http://<target-ip>:<port>/outputs/report.pdf
  • Attempt to connect to the WebSocket endpoint ws://<target-ip>:<port>/ws to check if it allows unauthenticated connections.

If these commands succeed without requiring authentication, the system is vulnerable.

Mitigation Strategies

Immediate mitigation steps include implementing authentication and authorization controls on all HTTP REST API endpoints and the WebSocket interface to prevent unauthenticated access.

  • Add API key authentication middleware using FastAPI security utilities such as APIKeyHeader.
  • Protect all sensitive endpoints including file upload, deletion, report generation, chat, and WebSocket connections with authentication dependencies.
  • Implement WebSocket authentication requiring valid tokens during the handshake.
  • Restrict server binding from 0.0.0.0 to 127.0.0.1 to limit network exposure.
  • Remove or secure the static /outputs/ file mount to prevent unauthenticated report downloads.
  • Implement rate limiting to prevent abuse and denial of service.
  • Use an authenticated reverse proxy such as Nginx with Basic Auth as an external mitigation until the application is patched.

Note that no fixed version currently exists, so these mitigations must be applied manually.

Compliance Impact

The vulnerability in GPT Researcher (up to version 3.4.3) results in a complete lack of authentication and authorization across all HTTP REST API endpoints and WebSocket interfaces. This allows unauthenticated users to access, manipulate, and exfiltrate sensitive data, including research reports and uploaded files.

Such unauthorized access and data exposure can lead to violations of common data protection standards and regulations like GDPR and HIPAA, which require strict controls over access to personal and sensitive information to ensure confidentiality, integrity, and availability.

The absence of authentication and authorization mechanisms, combined with the exposure of sensitive endpoints and data, increases the risk of data breaches, unauthorized data processing, and potential financial and reputational damage, all of which negatively impact compliance with these regulations.

No built-in mitigations or security controls exist in the default deployment, and suggested external mitigations are weak and incomplete, further exacerbating compliance risks.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5632. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart