CVE-2026-5000

HIGH

PromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authentication

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-5000. PoCs published by Perl-Code.

AI-analyzed exploit summary The repository claims to contain a PoC for CVE-2026-5000 but only provides a README with vague descriptions and no actual exploit code. It directs users to download an executable from an external 'releases' section, which is a common tactic for distributing malware or fake exploits.

Description

A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the function LocalGPTHandler of the file backend/server.py of the component API Endpoint. The manipulation of the argument BaseHTTPRequestHandler results in missing authentication. The attack can be executed remotely. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

nomisec SUSPICIOUS

by Perl-Code · poc

https://github.com/Perl-Code/CVE-2026-5000

View Code ZIP pw:eip

The repository claims to contain a PoC for CVE-2026-5000 but only provides a README with vague descriptions and no actual exploit code. It directs users to download an executable from an external 'releases' section, which is a common tactic for distributing malware or fake exploits.

Classification

Suspicious 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: Windows Defender

No auth needed

Prerequisites: Windows 10/11 with Windows Defender

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Apr 28, 2026 Full analysis →

References (4)

Core 4

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-353887 | PromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authentication

https://vuldb.com/vuln/353887

Signature, Permissions Required signature permissions-required

VDB-353887 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/353887/cti

Third Party Advisory third-party-advisory

Submit #778315 | PromtEngineer localGPT Latest (commit 4d41c7d) Missing Authentication and Authorization

https://vuldb.com/submit/778315

Issue Tracking issue-tracking

https://github.com/August829/CVEP/issues/8

Scores

CVSS v3 7.3

EPSS 0.0039

EPSS Percentile 30.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-287 CWE-306

Status published

Products (1)

PromtEngineer/localGPT 4d41c7d1713b16b216d8e062e51a5dd88b20b054

Published Mar 28, 2026

Tracked Since Mar 29, 2026