CVE-2026-5001
Published: 28 March 2026
Summary
CVE-2026-5001 is a medium-severity Improper Access Control (CWE-284) vulnerability. Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks at the 18.1th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-5001 is an unrestricted file upload vulnerability in the PromtEngineer localGPT project, affecting commits up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The flaw resides in the do_POST function within the backend/server.py file, allowing manipulation that enables unrestricted uploads. This issue carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and is associated with CWE-284 (Improper Access Control) and CWE-434 (Unrestricted Upload of File with Dangerous Type). The product follows a rolling release strategy, so no specific affected or patched versions are defined.
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, primarily through uploading arbitrary files to the server, which could facilitate further compromise depending on the uploaded content and server configuration.
Advisories from VulDB and a GitHub issue tracker (https://github.com/August829/CVEP/issues/7, https://vuldb.com/?submit/778316, https://vuldb.com/vuln/353888, https://vuldb.com/vuln/353888/cti) confirm the remote exploitability and note that a proof-of-concept has been published and may be actively used. The vendor was notified early but provided no response, and no official patches or mitigations are specified due to the rolling release model. Practitioners should monitor for commits beyond the affected hash and implement network controls to block unauthorized uploads.
Notable context: the exploit is publicly available, which increases real-world risk, and the affected software is localGPT, which suggests relevance to local AI/ML deployments for prompt engineering and language model inference.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-16932
Vulnerability details
A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function do_POST of the file backend/server.py. This manipulation causes unrestricted upload. The attack can be carried out remotely. The exploit has been published and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The vendor was contacted early about this disclosure but did not respond in any way.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The unrestricted file upload in the exposed do_POST handler of backend/server.py directly enables remote exploitation of a public-facing application (T1190); arbitrary file placement facilitates web shell deployment (T1505.003) and ingress of attacker tools (T1105).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly addresses unrestricted file uploads by requiring validation of inputs to the do_POST function for file type, size, and dangerous content.
Enforces access control policies to prevent unauthorized remote file uploads due to improper access control in backend/server.py.
Restricts classes of file inputs allowed via the vulnerable endpoint, mitigating CWE-434 unrestricted upload of dangerous types.
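The access-enforcement and input-validation controls described above could be applied as a pre-write gate in a Python upload handler. This is an added example, not localGPT's own code; the function name, shared-token scheme, extension allowlist, size cap and upload directory are all assumptions.

```python
import hmac
import os
import re
from pathlib import Path

# Assumed policy values for illustration; not taken from localGPT.
ALLOWED_EXTENSIONS = {".pdf", ".txt", ".md", ".docx"}
MAX_UPLOAD_BYTES = 20 * 1024 * 1024
UPLOAD_DIR = Path("uploads")  # hypothetical storage directory


class UploadRejected(Exception):
    """Raised when a request fails an access or validation check."""


def check_upload(headers, filename, expected_token, upload_dir=UPLOAD_DIR):
    """Return a confined destination Path or raise UploadRejected.

    headers is dict-like (for example self.headers inside do_POST).
    """
    # AC-3: authenticate before reading the body; constant-time compare.
    supplied = headers.get("Authorization", "").encode()
    wanted = f"Bearer {expected_token}".encode()
    if not expected_token or not hmac.compare_digest(supplied, wanted):
        raise UploadRejected("unauthorized")

    # SI-10: require a well-formed Content-Length within the size cap.
    length = headers.get("Content-Length", "")
    if not re.fullmatch(r"[0-9]{1,12}", length):
        raise UploadRejected("missing or malformed Content-Length")
    if not 0 < int(length) <= MAX_UPLOAD_BYTES:
        raise UploadRejected("empty or oversized body")

    # SI-10: drop any client-supplied directory part, then allowlist chars.
    base = os.path.basename(filename.replace("\\", "/"))
    if not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}", base):
        raise UploadRejected("unsafe filename")

    # CWE-434: allowlist the final extension, case-insensitively.
    if Path(base).suffix.lower() not in ALLOWED_EXTENSIONS:
        raise UploadRejected("file type not allowed")

    # Confirm the resolved destination stays directly inside upload_dir.
    root = upload_dir.resolve()
    dest = (root / base).resolve()
    if dest.parent != root:
        raise UploadRejected("path escapes upload directory")
    return dest
```

The caller still has to read no more than the declared Content-Length bytes from the request body and write them only to the returned path.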