Platform
python
Component
gpt-researcher
Fixed in
3.4.1
3.4.2
3.4.3
3.4.4
A code injection vulnerability has been identified in assafelovic's gpt-researcher, affecting versions 3.4.0 through 3.4.3. The flaw resides in the extract_command_data function in backend/server/server_utils.py, specifically the ws endpoint. Successful exploitation allows a remote attacker to inject and execute arbitrary code, potentially leading to system compromise. The vulnerability has been publicly disclosed and a fix is pending.
The impact of this code injection vulnerability is significant. An attacker can leverage this flaw to execute arbitrary code on the server hosting the gpt-researcher application. This could lead to complete system compromise, including data exfiltration, modification, or deletion. The attacker could potentially gain persistent access, install malware, or use the compromised system as a launchpad for further attacks within the network. Given the remote nature of the exploit, the blast radius extends to any system accessible to the attacker.
This vulnerability was disclosed on 2026-04-06 and a public exploit may be available. The project maintainers have not yet responded to the issue report. The CVSS score of 7.3 (HIGH) indicates a significant risk. Monitor security advisories and threat intelligence feeds for any signs of active exploitation. The lack of a response from the project raises concerns about the timeliness of a fix.
Exploit Status
EPSS
0.06% (19th percentile)
As a fix is pending from the project maintainers, immediate mitigation steps are crucial. Consider implementing strict input validation and sanitization for all data received by the extract_command_data function. Employ a Web Application Firewall (WAF) with rules to detect and block suspicious code injection attempts. Monitor the ws endpoint for unusual activity and unexpected command executions. A rollback to an earlier, unaffected release is not an option, so limiting access to the gpt-researcher service and closely monitoring logs are essential until a patch is available. After a patch is released, thoroughly test it in a non-production environment before deploying to production.
Update to a patched version of gpt-researcher that addresses the code injection vulnerability in the extract_command_data function. Since the project has not responded, it is recommended to investigate and apply patches manually or look for actively maintained forks with fixes.
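The first practical step in the mitigation above is knowing whether a deployment sits in the affected range. The following is an added example (not code from the gpt-researcher project or from this advisory) that checks exact pins in a requirements file and the locally installed package against the affected versions 3.4.0 through 3.4.3; the requirements lines are constructed sample input, and the distribution name "gpt-researcher" used for the installed-package lookup is an assumption.

```python
"""Flag gpt-researcher versions in the CVE-2026-5631 affected range.
Added example; requirement lines below are constructed sample input."""
import re
from importlib import metadata

AFFECTED_MIN = (3, 4, 0)
AFFECTED_MAX = (3, 4, 3)   # inclusive, as stated in the advisory

def parse_version(text):
    """Turn '3.4.2' (pre-release suffixes ignored) into a comparable tuple."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(x) for x in m.groups())

def is_affected(version):
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX

def check_requirements(lines):
    """Return {requirement_line: verdict} for every gpt-researcher entry.
    Only exact pins (==) can be judged offline; range specifiers and
    unpinned entries are flagged for review because the resolved version
    is not known until installation."""
    results = {}
    pattern = re.compile(r"^(gpt[-_]researcher)(?![\w-])\s*(==|>=|~=|<=|>|<)?\s*([\w.]+)?", re.I)
    for raw in lines:
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        m = pattern.match(line)
        if not m:
            continue
        _, op, ver = m.groups()
        if op == "==" and ver:
            results[line] = "affected" if is_affected(ver) else "not affected"
        else:
            results[line] = "review: unpinned or range specifier, resolved version unknown"
    return results

def check_installed(dist_name="gpt-researcher"):   # distribution name is an assumption
    """Verdict for the locally installed package, or 'not installed'."""
    try:
        ver = metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return "not installed"
    return f"{ver}: {'affected' if is_affected(ver) else 'not affected'}"

SAMPLE_REQUIREMENTS = [   # constructed sample input
    "gpt-researcher==3.4.2   # pinned to an affected release",
    "gpt_researcher>=3.4.0",
    "gpt-researcher==3.4.4",
    "requests==2.32.0",
]

if __name__ == "__main__":
    for req, verdict in check_requirements(SAMPLE_REQUIREMENTS).items():
        print(f"{req:30} -> {verdict}")
    print("installed:", check_installed())
```

Range specifiers are deliberately not resolved here; run the check against the output of `pip freeze` from the deployed environment to get a definitive answer.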
CVE-2026-5631 is a code injection vulnerability affecting gpt-researcher versions 3.4.0 through 3.4.3. It allows remote attackers to execute arbitrary code via the extract_command_data function.
You are affected if you are using gpt-researcher versions 3.4.0, 3.4.1, 3.4.2, or 3.4.3 and have not yet applied a patch. Monitor for updates from the project maintainers.
A patch is pending. Implement input validation, WAF rules, and monitor logs as immediate mitigations. Upgrade as soon as a fix is released.
The vulnerability has been publicly disclosed, and a public exploit may be available. Monitor security advisories for confirmed exploitation.
Check the project's GitHub repository and relevant security mailing lists for updates. The project maintainers have not yet responded to the issue report.