Cyber Resilience

CVE-2025-0868

Critical · RCE

Published: 20 February 2025

Modified: 15 April 2026
KEV Added
Patch
CVSS Score v4: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.1728 (95.2th percentile)
Risk Priority: 29 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-0868 is a critical-severity Eval Injection (CWE-95) vulnerability in Cert (inferred from references). Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 4.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

A vulnerability resulting in remote code execution has been identified in DocsGPT versions 0.8.1 through 0.12.0. The issue arises from improper parsing of JSON data via the eval() function, enabling an attacker to supply arbitrary Python code for execution through the /api/remote endpoint. It is tracked as CWE-95 and carries a CVSS 4.0 score of 9.3, reflecting a network-accessible attack vector, low complexity, and no required privileges or user interaction.

An unauthenticated remote attacker can send crafted requests to the exposed endpoint and obtain arbitrary code execution, resulting in full compromise of confidentiality, integrity, and availability on the affected DocsGPT instance.

Public advisories published by CERT.pl at the referenced URLs describe the flaw and point to the upstream DocsGPT repository for further details, though no specific patch or mitigation steps are enumerated in the available information. The associated EPSS score has remained flat at 0.1728 with no material increase observed after disclosure.

EU & UK References

Vulnerability details

A vulnerability that could result in Remote Code Execution (RCE) has been found in DocsGPT. Due to improper parsing of JSON data using eval(), an unauthorized attacker could send arbitrary Python code to be executed via the /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques · AI

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.006 · Python · Execution
Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

Direct RCE via unauthenticated remote exploitation of a public-facing web app using Python eval injection.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-35002 · Shared CWE-95
CVE-2026-28370 · Shared CWE-95
CVE-2026-5971 · Shared CWE-95
CVE-2026-44128 · Shared CWE-95
CVE-2026-29091 · Shared CWE-95
CVE-2025-68271 · Shared CWE-95
CVE-2025-54322 · Shared CWE-95
CVE-2026-28505 · Shared CWE-95
CVE-2025-50187 · Shared CWE-95
CVE-2024-10633 · Shared CWE-95

Affected Assets

Cert
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of JSON inputs to the /api/remote endpoint to ensure they are within expected format, preventing arbitrary Python code execution via eval().

prevent

Mandates timely identification, reporting, and correction of the specific flaw in DocsGPT versions 0.8.1 through 0.12.0 that enables RCE through improper JSON parsing.

prevent

Enforces least privilege on the DocsGPT process to limit the scope and impact of potential RCE exploitation even if arbitrary code executes.
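
The input-validation control described above, as an added example (not DocsGPT's code and not its upstream fix): the request body is parsed with json.loads() instead of eval() and then checked against an allow-list. The field names, size cap and URL rule are assumptions made for illustration.

```python
import json

# Assumed schema and size cap; the page does not give DocsGPT's real field names.
ALLOWED_FIELDS = {"name": str, "urls": list}
MAX_CHARS = 16_384


class RejectedInput(ValueError):
    """Request body failed parsing or validation."""


def _no_duplicate_keys(pairs):
    # json.loads keeps the last duplicate key by default; refuse instead.
    obj = {}
    for key, value in pairs:
        if key in obj:
            raise RejectedInput(f"duplicate key: {key!r}")
        obj[key] = value
    return obj


def _reject_constant(token):
    # NaN and Infinity are accepted by default but are not valid JSON.
    raise RejectedInput(f"non-standard constant: {token}")


def parse_remote_data(raw: str) -> dict:
    """Treat untrusted text strictly as data; nothing in it is evaluated."""
    if len(raw) > MAX_CHARS:
        raise RejectedInput("body too large")
    try:
        doc = json.loads(raw, object_pairs_hook=_no_duplicate_keys,
                         parse_constant=_reject_constant)
    except (json.JSONDecodeError, RecursionError) as exc:
        raise RejectedInput("not valid JSON") from exc
    if not isinstance(doc, dict) or set(doc) != set(ALLOWED_FIELDS):
        raise RejectedInput("expected an object with exactly the allowed fields")
    for field, expected in ALLOWED_FIELDS.items():
        if not isinstance(doc[field], expected):
            raise RejectedInput(f"{field} must be {expected.__name__}")
    for url in doc["urls"]:
        if not (isinstance(url, str) and url.startswith(("http://", "https://"))):
            raise RejectedInput("urls must be http(s) strings")
    return doc


# Constructed inputs: valid JSON, and a Python literal that eval() would accept.
GOOD = '{"name": "docs", "urls": ["https://example.org/a"]}'
PY_LITERAL = "{'name': 'docs', 'urls': ['https://example.org/a']}"
```

Anything that is a Python expression rather than strict JSON, including the single-quoted literal in PY_LITERAL, is rejected before any application logic sees it.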

References