All 4 CVE vulnerabilities found in localGPT, with AI-generated Chinese analysis, references, and POCs.
Vendor: PromtEngineer
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5003 | PromtEngineer localGPT Web api_server.py handle_index information disclosure CWE-200 | 5.3 | Medium | 2026-03-28 |
| CVE-2026-5002 | PromtEngineer localGPT LLM Prompt server.py _route_using_overviews injection CWE-74 | 7.3 | High | 2026-03-28 |
| CVE-2026-5001 | PromtEngineer localGPT server.py do_POST unrestricted upload CWE-434 | 7.3 | High | 2026-03-28 |
| CVE-2026-5000 | PromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authentication CWE-306 | 7.3 | High | 2026-03-28 |
All 4 known CVE vulnerabilities affecting localGPT with full Chinese analysis, references, and POCs where available.