CVE-2026-5632
Authentication Bypass in assafelovic gpt-researcher HTTP API
Publication date: 2026-04-06
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| assafelovic | gpt_researcher | to 3.4.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-5632 is a critical security vulnerability in GPT Researcher (versions up to 3.4.3) caused by the complete absence of authentication and authorization mechanisms across all HTTP REST API endpoints and the WebSocket interface.
This flaw allows any unauthenticated network user to access and manipulate sensitive functions such as file upload, deletion, research task generation, report access, chat, and WebSocket connections.
The server binds to all network interfaces (0.0.0.0), exposing the application to the entire network without any authentication middleware, API key validation, session management, or authorization checks.
No security libraries or constructs are used, and default deployment instructions do not implement any authentication, making the application fully exposed to unauthorized access.
How can this vulnerability impact me? :
This vulnerability can lead to severe impacts including unauthorized data access and manipulation.
- Data theft of all research reports.
- Arbitrary file deletion causing data loss.
- Financial loss due to unlimited triggering of costly large language model API calls.
- Denial of service through resource exhaustion.
- Server-side configuration manipulation via the WebSocket interface affecting all users.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the GPT Researcher HTTP REST API endpoints and WebSocket interface are accessible without authentication. Since the server binds to all network interfaces (0.0.0.0) and exposes all critical endpoints without any authentication or authorization, you can attempt to access these endpoints directly to verify the vulnerability.
- Use curl or similar HTTP clients to send requests to critical endpoints such as GET /api/reports, POST /upload/, DELETE /files/{filename}, or GET /outputs/ to see if they respond without authentication.
- Example commands to test unauthenticated access:
- curl -v http://<target-ip>:<port>/api/reports
- curl -v -X POST http://<target-ip>:<port>/upload/ -F '[email protected]'
- curl -v -X DELETE http://<target-ip>:<port>/files/test.txt
- curl -v http://<target-ip>:<port>/outputs/report.pdf
- Attempt to connect to the WebSocket endpoint ws://<target-ip>:<port>/ws to check if it allows unauthenticated connections.
If these commands succeed without requiring authentication, the system is vulnerable.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing authentication and authorization controls on all HTTP REST API endpoints and the WebSocket interface to prevent unauthenticated access.
- Add API key authentication middleware using FastAPI security utilities such as APIKeyHeader.
- Protect all sensitive endpoints including file upload, deletion, report generation, chat, and WebSocket connections with authentication dependencies.
- Implement WebSocket authentication requiring valid tokens during the handshake.
- Restrict server binding from 0.0.0.0 to 127.0.0.1 to limit network exposure.
- Remove or secure the static /outputs/ file mount to prevent unauthenticated report downloads.
- Implement rate limiting to prevent abuse and denial of service.
- Use an authenticated reverse proxy such as Nginx with Basic Auth as an external mitigation until the application is patched.
Note that no fixed version currently exists, so these mitigations must be applied manually.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in GPT Researcher (up to version 3.4.3) results in a complete lack of authentication and authorization across all HTTP REST API endpoints and WebSocket interfaces. This allows unauthenticated users to access, manipulate, and exfiltrate sensitive data, including research reports and uploaded files.
Such unauthorized access and data exposure can lead to violations of common data protection standards and regulations like GDPR and HIPAA, which require strict controls over access to personal and sensitive information to ensure confidentiality, integrity, and availability.
The absence of authentication and authorization mechanisms, combined with the exposure of sensitive endpoints and data, increases the risk of data breaches, unauthorized data processing, and potential financial and reputational damage, all of which negatively impact compliance with these regulations.
No built-in mitigations or security controls exist in the default deployment, and suggested external mitigations are weak and incomplete, further exacerbating compliance risks.