CVSS 9.8 · CRITICAL

CVE-2026-26015

DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker with access to either the official DocsGPT website or any local or public deployment can craft a malicious payload that bypasses the "MCP test" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0.


Analysis

DocsGPT versions 0.15.0 through 0.15.x are vulnerable to a critical command injection flaw (CWE-77) that allows unauthenticated remote code execution (RCE). Anyone running a self-hosted or public deployment of this tool should upgrade to version 0.16.0 immediately to prevent attackers from taking control of the server.

Severity

Score: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness type (CWE): CWE-77

EPSS

Exploitation probability (next 30 days): 0.0028 (0.3%)
Percentile: 51.6%
EPSS date: 2026-05-06

Affects

arc53:docsgpt


Published: 29/4/2026, 18:16:03
Last modified: 6/5/2026, 20:16:31

References
