{"id":"CVE-2026-26015","summary":"Unauthenticated RCE in DocsGPT MCP STDIO Configuration","details":"DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the \"MCP test\" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0.","aliases":["GHSA-gcrq-f296-2j74"],"modified":"2026-07-15T01:49:22.112437110Z","published":"2026-04-29T17:37:25.524Z","database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-77"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/26xxx/CVE-2026-26015.json"},"references":[{"type":"WEB","url":"https://github.com/arc53/DocsGPT/releases/tag/0.16.0"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/26xxx/CVE-2026-26015.json"},{"type":"ADVISORY","url":"https://github.com/arc53/DocsGPT/security/advisories/GHSA-gcrq-f296-2j74"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26015"},{"type":"ADVISORY","url":"https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/"},{"type":"ARTICLE","url":"https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/arc53/docsgpt","events":[{"introduced":"e68da34c1317185a14928a34fa96956b7cbb48bd"},{"fixed":"72b3d944534244baed4727824f30c55bc3d82495"}],"database_specific":{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"0.15.0"},{"fixed":"0.16.0"}]}}],"versions":["0.15.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-26015.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"}]}