
Gpt Researcher CVE-2026-5631

EUVD-2026-19186 · MEDIUM
Code Injection (CWE-94)
2026-04-06 · VulDB
5.5 (CVSS 4.0 · NVD)

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline

CVSS changed: Apr 29, 2026 01:11 (NVD): 6.9 (MEDIUM) → 5.5 (MEDIUM)
PoC Detected: Apr 07, 2026 13:20 (vuln.today): public exploit code
EUVD ID Assigned: Apr 06, 2026 07:00 (euvd): EUVD-2026-19186
Analysis Generated: Apr 06, 2026 07:00 (vuln.today)
CVE Published: Apr 06, 2026 06:30 (nvd): MEDIUM 6.9

Description (CVE.org)

A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract_command_data of the file backend/server/server_utils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Analysis (AI)

Remote code injection in gpt-researcher (assafelovic) versions up to 3.4.3 allows unauthenticated attackers to execute arbitrary code via the WebSocket endpoint's extract_command_data function. The vulnerability stems from improper input validation of the 'args' parameter in backend/server/server_utils.py. …


Vulnerability Assessment (AI)

Risk Assessment: The CVSS 7.3 score reflects high exploitability: network-accessible (AV:N), low-complexity (AC:L), and requiring no authentication (PR:N) or user interaction (UI:N), resulting in partial impact across confidentiality, integrity, and availability (C:L/I:L/A:L). …

Exploit Scenario: An unauthenticated remote attacker identifies an internet-facing gpt-researcher instance by scanning for exposed WebSocket endpoints on common ports. The attacker crafts a malicious WebSocket message containing injected code in the 'args' parameter, sending it to the vulnerable extract_command_data function. …

Remediation: No vendor-released patch identified at time of analysis, as the project maintainer has not responded to the vulnerability disclosure reported via GitHub issue #1694. …

Recommended Action (AI)

Within 24 hours: Identify all gpt-researcher deployments and their versions using asset inventory tools; isolate or disable any instances running versions 3.4.3 or earlier if internet-facing. …


CVE-2026-5631 vulnerability details – vuln.today
