CVE-2026-13483
Received - Intake

Insufficient Data Authenticity Check in DocsGPT Credential Storage


Publication date: 2026-06-28

Last updated on: 2026-06-28

Assigner: VulDB

Description

A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

Meta Information

Published: 2026-06-28
Last Modified: 2026-06-28
Generated: 2026-06-28
AI Q&A: 2026-06-28
EPSS Evaluated: N/A

Affected Vendors & Products

Showing 1 associated CPE

Vendor: arc53
Product: docsgpt
Version / Range: to 0.18.0 (inclusive)

CWE

CWE-345: The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Executive Summary

This vulnerability exists in the DocsGPT application, specifically in the encrypt_credentials function responsible for encrypting stored credentials. The encryption used AES-CBC mode without any integrity protection, which means an attacker could modify the encrypted data without detection.

By tampering with the encrypted credential blobs, such as flipping a byte in the initialization vector (IV), an attacker can alter the decrypted plaintext data (for example, changing characters in JSON data) without triggering authentication failures.

The vulnerability allows remote attackers to manipulate encrypted credentials, potentially changing sensitive data. The issue was fixed by migrating encryption to AES-GCM, which provides both confidentiality and integrity through an authentication tag, preventing undetected tampering.

Impact Analysis

This vulnerability can impact you by allowing an attacker to modify encrypted credentials stored by DocsGPT without detection. Such tampering could lead to unauthorized changes in credential data, potentially causing incorrect authentication or authorization behavior.

Although the attack complexity is high and exploitability is difficult, the exploit has been published and could be used by attackers to manipulate credential data remotely.

If exploited, this could undermine the security of stored credentials, possibly leading to unauthorized access or other security issues depending on how the altered credentials are used.

Detection Guidance

This vulnerability involves tampering with encrypted credential blobs stored by DocsGPT. Detection involves verifying the integrity of these encrypted credentials to identify unauthorized modifications.

Since the vulnerability is related to the encryption method used in the file application/security/encryption.py, specifically the encrypt_credentials function, detection would require inspecting stored credential data for signs of tampering or integrity failures.

There are no specific network commands or system commands provided in the resources to detect this vulnerability directly.

However, as a practical approach, you could attempt to decrypt stored credentials using the vulnerable version of the software and check if altered ciphertexts decrypt without error, indicating the presence of the vulnerability.

Mitigation Strategies

The immediate mitigation step is to upgrade DocsGPT to a version that includes the fix implemented in pull request #2331, which migrates credential encryption from AES-CBC to AES-GCM, providing authenticated encryption with integrity checks.

After upgrading, it is important to rotate or re-encrypt existing stored credentials that were encrypted using the legacy AES-CBC method to ensure they benefit from the improved security.

The fix also includes binding the user ID as additional authenticated data to prevent cross-user replay attacks.

Until the fix is accepted and deployed, restrict access to the affected component and monitor for suspicious activity involving credential manipulation.
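
The difference between the two modes can be checked locally. The following is an added example, not DocsGPT's code or the code from the pull request: it encrypts a constructed credential with AES-CBC and with AES-GCM (user ID bound as additional authenticated data) and decrypts a blob in which one bit has changed. The blob layouts, the random demo key and all function names are assumptions, and the third-party `cryptography` package is required.

```python
import json, os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

KEY = os.urandom(32)  # constructed demo key; DocsGPT's real key handling is not shown here


def cbc_encrypt(creds: dict) -> bytes:
    """Legacy-style blob: IV || AES-CBC ciphertext, no MAC (assumed layout)."""
    iv = os.urandom(16)
    padder = padding.PKCS7(128).padder()
    data = padder.update(json.dumps(creds).encode()) + padder.finalize()
    enc = Cipher(algorithms.AES(KEY), modes.CBC(iv)).encryptor()
    return iv + enc.update(data) + enc.finalize()


def cbc_decrypt(blob: bytes) -> dict:
    dec = Cipher(algorithms.AES(KEY), modes.CBC(blob[:16])).decryptor()
    padded = dec.update(blob[16:]) + dec.finalize()
    unpadder = padding.PKCS7(128).unpadder()
    return json.loads(unpadder.update(padded) + unpadder.finalize())


def gcm_encrypt(creds: dict, user_id: str) -> bytes:
    """Hardened blob: nonce || ciphertext || tag, user ID bound as AAD (assumed layout)."""
    nonce = os.urandom(12)
    return nonce + AESGCM(KEY).encrypt(nonce, json.dumps(creds).encode(), user_id.encode())


def gcm_decrypt(blob: bytes, user_id: str):
    """Return the credentials, or None when the tag or the bound user ID fails to verify."""
    try:
        return json.loads(AESGCM(KEY).decrypt(blob[:12], blob[12:], user_id.encode()))
    except InvalidTag:
        return None


def flip_bit(blob: bytes, index: int) -> bytes:
    """Simulate a one-bit change to a stored blob."""
    return blob[:index] + bytes([blob[index] ^ 0x01]) + blob[index + 1:]


def demo(creds: dict, user_id: str, index: int):
    """Decrypt a one-bit-modified blob under each scheme: (CBC result, GCM result)."""
    return (cbc_decrypt(flip_bit(cbc_encrypt(creds), index)),
            gcm_decrypt(flip_bit(gcm_encrypt(creds, user_id), index), user_id))
```

With CBC the modified blob decrypts to different JSON without any error; with GCM decryption is refused, and the same refusal occurs when a valid blob is presented under another user's ID.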

Compliance Impact

The vulnerability in DocsGPT's credential encryption allows tampering with encrypted credentials without detection due to lack of integrity protection. This flaw could undermine the confidentiality and integrity of stored sensitive data, which are critical requirements under common standards and regulations such as GDPR and HIPAA.

Specifically, the ability to alter encrypted credential data without triggering authentication failures means that data authenticity is compromised. This could lead to unauthorized access or modification of sensitive information, potentially violating data protection principles mandated by these regulations.

The fix migrating encryption from AES-CBC (which lacks message authentication) to AES-GCM (which provides both confidentiality and integrity) addresses these concerns by ensuring that any tampering with encrypted data causes decryption to fail, thereby improving compliance with data security requirements.
