VYPR
Vendor

Assafelovic

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2026-5632HigApr 6, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made…

  • CVE-2026-5633HigApr 6, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was determined in assafelovic gpt-researcher up to 3.4.3. Affected is an unknown function of the component ws Endpoint. Executing a manipulation of the argument source_urls can lead to server-side request forgery. It is possible to launch the attack remotely. The…

  • CVE-2026-5631HigApr 6, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract_command_data of the file backend/server/server_utils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be…

  • CVE-2026-5630MedApr 6, 2026
    risk 0.21cvss 4.3epss 0.00

    A flaw has been found in assafelovic gpt-researcher up to 3.4.3. The impacted element is an unknown function of the file backend/server/app.py of the component Report API. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The…

  • CVE-2026-5625MedApr 6, 2026
    risk 0.21cvss 4.3epss 0.00

    A weakness has been identified in assafelovic gpt-researcher up to 3.4.3. This issue affects some unknown processing of the file gpt_researcher/skills/researcher.py of the component WebSocket Interface. Executing a manipulation of the argument task can lead to cross site…