Vulnerabilities

CVE-2026-0764 - GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulne...

2026-01-23 0 views admin

CVE ID : CVE-2026-0764 Published : Jan. 23, 2026, 3:28 a.m. | 47 minutes ago Description : GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upload endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-27957. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-0764

Severity

CRITICAL

Published

Jan. 23, 2026

Impact: Remote Code Execution

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-0764critical

CVE-2026-0764 - GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulne...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-0787 - ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerability

CVE-2026-0796 - ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnera...

CVE-2026-0795 - ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnera...

CVE-2026-0794 - ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability

Trending

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

Tech: Data is the only moat

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

Tech: AWS European Sovereign Cloud

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3