CVE-2026-5002
Published: 28 March 2026
Summary
CVE-2026-5002 is a medium-severity Injection (CWE-74) vulnerability. Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 20.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related: it is categorised under LLM Application Platforms, in the LLM/Generative AI Risks risk domain.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-5002 is an injection vulnerability affecting PromtEngineer localGPT up to commit 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The issue resides in the _route_using_overviews function of the backend/server.py file within the LLM Prompt Handler component. Published on 2026-03-28, it carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and is associated with CWEs 74 and 707.
The vulnerability is reachable over the network with low attack complexity, and exploitation requires no privileges or user interaction. Successful manipulation enables injection attacks, with low impact on confidentiality, integrity, and availability.
VulDB advisories and a related GitHub issue document the public disclosure of the exploit. The product uses a rolling release model, so no specific affected or patched versions are disclosed. The vendor was notified early but provided no response or mitigation guidance.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-16933
Vulnerability details
A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function _route_using_overviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed from remote.
The exploit has been disclosed to the public and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
AI Security Analysis
- AI Category: LLM Application Platforms
- Risk Domain: LLM/Generative AI Risks
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: llm
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A remote, network-accessible injection vulnerability in the LLM prompt handler/server component directly enables exploitation of a public-facing application (T1190) for limited-impact injection attacks.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly mandates validation and sanitization of inputs to the _route_using_overviews function in backend/server.py to block injection manipulations in the LLM Prompt Handler.
Requires timely identification, reporting, and remediation of the specific injection flaw (CVE-2026-5002) in PromtEngineer localGPT.
Provides continuous vulnerability scanning to identify the injection vulnerability in localGPT up to commit 4d41c7d1713b16b216d8e062e51a5dd88b20b054.