Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
7.5
HIGH
CVE-2026-5632
— assafelovic gpt-researcher HTTP REST API Endpoint missing authentication
A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authenticat…
Remote
|
Authentication
Apr 06, 2026
Apr 29, 2026
Apr 06, 2026
Apr 29, 2026
7.5
HIGH
CVE-2026-5631
— assafelovic gpt-researcher ws Endpoint server_utils.py extract_command_data code injection
A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract_command_data of the file backend/server/server_utils.py of the component ws Endpoint. Such …
Remote
|
Injection
Apr 06, 2026
Apr 29, 2026
Apr 06, 2026
Apr 29, 2026
5.3
MEDIUM
CVE-2026-5630
— assafelovic gpt-researcher Report API app.py cross site scripting
A flaw has been found in assafelovic gpt-researcher up to 3.4.3. The impacted element is an unknown function of the file backend/server/app.py of the component Report API. This manipulation causes cr…
Remote
|
Cross-Site Scripting
Apr 06, 2026
Apr 29, 2026
Apr 06, 2026
Apr 29, 2026