CVE-2026-0764
Published: 23 January 2026
Summary
CVE-2026-0764 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Binary-Husky Gpt Academic. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 41.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as LLM Application Platforms; in the Supply Chain and Deployment risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-3 (Malicious Code Protection).
Deeper analysis
CVE-2026-0764 is a remote code execution vulnerability in GPT Academic stemming from deserialization of untrusted data. The flaw resides in the application's upload endpoint, which fails to validate user-supplied input before performing deserialization, and carries a CVSS score of 9.8 under CWE-502.
Unauthenticated remote attackers can send crafted data to the upload endpoint and achieve arbitrary code execution with root privileges on affected installations. No user interaction or credentials are required for successful exploitation.
The issue was reported as ZDI-CAN-27957 and is covered by the Zero Day Initiative advisory ZDI-26-030.
EPSS for the vulnerability reached a peak of 0.0381 after disclosure before settling at the current value of 0.0226, indicating a measurable increase in exploitation interest following public release.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-4470
Vulnerability details
GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the…
more
upload endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27957.
- CWE(s)
AI Security AnalysisAI
- AI Category
- LLM Application Platforms
- Risk Domain
- Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: gpt
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation of user-supplied data on the upload endpoint before any deserialization occurs, blocking the untrusted-data flaw that enables unauthenticated RCE.
Malicious-code protection mechanisms can inspect or sandbox deserialized payloads arriving at the upload endpoint, limiting arbitrary code execution as root.
Requires integrity verification of information (including uploaded objects) prior to processing, providing detection of tampered serialized data that would otherwise execute code.