Vulnerabilities ›

CVE-2026-5001

High

CWE-284 — Weakness Type

                    Published: Mar 28, 2026                      ·  Modified: Apr 4, 2026                      ·  Source: NVD                

CVSS v3

7.3

🔗 NVD Official

📄 Description (English)

A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function do_POST of the file backend/server.py. This manipulation causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been published and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The vendor was contacted early about this disclosure but did not respond in any way.

🤖 AI Executive Summary

CVE-2026-5001 is a critical file upload vulnerability in PromtEngineer localGPT affecting the backend/server.py do_POST function, allowing unrestricted file uploads without proper access controls (CWE-284). With a CVSS score of 7.3 and publicly disclosed exploit code, this vulnerability poses significant risk to organizations deploying localGPT for AI/ML workloads. No patch is currently available from the vendor, requiring immediate compensating controls and alternative solutions.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 6, 2026 20:37

🇸🇦 Saudi Arabia Impact Assessment

Saudi organizations using localGPT for AI/ML applications—particularly in banking (SAMA-regulated institutions), government agencies (NCA oversight), healthcare systems, and energy sector (ARAMCO subsidiaries)—face significant risk. The unrestricted file upload vulnerability could enable: (1) malware injection into AI model pipelines, (2) data exfiltration of sensitive datasets, (3) lateral movement within enterprise networks, (4) compromise of AI model integrity affecting critical decision-making systems. Government entities and financial institutions are highest priority due to regulatory compliance requirements and data sensitivity.

🏢 Affected Saudi Sectors

Banking and Financial Services (SAMA-regulated) Government and Public Administration (NCA oversight) Healthcare and Medical Services Energy and Utilities (ARAMCO, SEC) Telecommunications (STC, Mobily) Education and Research Institutions AI/ML Development and Deployment Centers

🎯 MITRE ATT&CK Techniques

T1190 - Exploit Public-Facing Application: Unrestricted file upload in web application T1566.001 - Phishing: Attachment via file upload mechanism T1105 - Ingress Tool Transfer: Upload malicious files to target system T1059 - Command and Scripting Interpreter: Execute uploaded scripts T1204.002 - User Execution: Social engineering to upload malicious files T1574.001 - Hijack Execution Flow: Modify uploaded files to alter application behavior T1040 - Traffic Capture: Exfiltrate data through uploaded files

⚖️ Saudi Risk Score (AI)

8.2

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Disable or isolate all localGPT instances from production environments until mitigation is confirmed

2. Conduct forensic analysis of upload directories for suspicious files (check timestamps, file types, sizes)

3. Review access logs for do_POST endpoint (backend/server.py) for unauthorized upload attempts

4. Implement network segmentation to restrict localGPT server access to trusted networks only



COMPENSATING CONTROLS:

1. Deploy Web Application Firewall (WAF) rules to block POST requests to /upload or file upload endpoints

2. Implement strict file type validation at network layer (whitelist only expected file extensions)

3. Configure file upload directory with read-only permissions and disable script execution

4. Enable comprehensive logging and monitoring of all file operations

5. Implement rate limiting on POST requests to backend/server.py



DETECTION RULES:

1. Monitor for POST requests to backend/server.py with unusual Content-Type headers

2. Alert on file uploads exceeding expected size thresholds

3. Detect execution of uploaded files in upload directories

4. Flag access to do_POST function from non-whitelisted IP ranges

5. Monitor for suspicious file extensions in upload directories (.exe, .sh, .py, .jsp)



LONG-TERM:

1. Evaluate alternative AI/ML frameworks with better security posture

2. Consider commercial localGPT alternatives with vendor support

3. Implement code review process for open-source AI tools before deployment

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. تعطيل أو عزل جميع مثيلات localGPT عن بيئات الإنتاج حتى يتم تأكيد التخفيف

2. إجراء تحليل جنائي لمجلدات التحميل بحثاً عن ملفات مريبة (التحقق من الطوابع الزمنية وأنواع الملفات والأحجام)

3. مراجعة سجلات الوصول لنقطة نهاية do_POST (backend/server.py) للبحث عن محاولات تحميل غير مصرح بها

4. تنفيذ تقسيم الشبكة لتقييد وصول خادم localGPT إلى الشبكات الموثوقة فقط

الضوابط التعويضية:

1. نشر قواعد جدار حماية تطبيقات الويب (WAF) لحظر طلبات POST إلى نقاط نهاية التحميل

2. تنفيذ التحقق الصارم من نوع الملف على مستوى الشبكة (قائمة بيضاء بامتدادات الملفات المتوقعة فقط)

3. تكوين مجلد التحميل بأذونات القراءة فقط وتعطيل تنفيذ البرامج النصية

4. تفعيل السجلات الشاملة ومراقبة جميع عمليات الملفات

5. تنفيذ تحديد معدل الطلبات على طلبات POST إلى backend/server.py

قواعد الكشف:

1. مراقبة طلبات POST إلى backend/server.py برؤوس Content-Type غير عادية

2. التنبيه على تحميلات الملفات التي تتجاوز حدود الحجم المتوقعة

3. كشف تنفيذ الملفات المرفوعة في مجلدات التحميل

4. وضع علامة على الوصول إلى وظيفة do_POST من نطاقات IP غير موثوقة

5. مراقبة امتدادات الملفات المريبة في مجلدات التحميل (.exe, .sh, .py, .jsp)

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.6.1 - Access Control: Unrestricted file upload violates principle of least privilege ECC 2024 A.12.4 - Logging and Monitoring: Insufficient controls on file upload operations ECC 2024 A.14.2 - System Development and Maintenance: Secure coding practices not followed in do_POST function

🔵 SAMA CSF

SAMA CSF ID.AC-1 - Identity and Access Management: Lack of proper authentication/authorization for upload function SAMA CSF PR.DS-1 - Data Security: Uncontrolled file uploads enable data compromise SAMA CSF DE.CM-1 - Detection and Analysis: Insufficient monitoring of file upload activities

🟡 ISO 27001:2022

ISO 27001:2022 A.5.15 - Access Control: Inadequate access restrictions on file upload functionality ISO 27001:2022 A.8.3 - Cryptography: No validation of uploaded file integrity ISO 27001:2022 A.12.4 - Logging: Insufficient audit trails for upload operations ISO 27001:2022 A.14.2 - System Development: Secure development practices not applied

🟣 PCI DSS v4.0.1

PCI DSS 6.5.1 - Injection flaws: File upload can be vector for code injection PCI DSS 6.5.8 - Improper access control: Unrestricted uploads violate principle of least privilege PCI DSS 10.2 - Logging: Insufficient logging of file upload activities

🔗 References & Sources 4

🔗

https://github.com/August829/CVEP/issues/7

cna@vuldb.com

🔗

https://vuldb.com/submit/778316

cna@vuldb.com

🔗

https://vuldb.com/vuln/353888

cna@vuldb.com

🔗

https://vuldb.com/vuln/353888/cti

cna@vuldb.com

📊 CVSS Score

7.3

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityL — Low / Local

📋 Quick Facts

Severity High

CVSS Score7.3

CWECWE-284

EPSS0.05%

Exploit No

Patch ✗ No

Published 2026-03-28

Source Feed nvd

🇸🇦 Saudi Risk Score

8.2

/ 10.0 — Saudi Risk

Priority: CRITICAL

🏷️ Tags

CWE-284

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-5001

💬 Comments

Introduce Yourself

Sign In Required