CVE-2026-5001 is a vulnerability identified in the PromtEngineer localGPT product, specifically within the do_POST function of the backend/server.py file. The flaw allows an attacker to perform unrestricted file uploads remotely without any authentication or user interaction. This means that an attacker can send specially crafted HTTP POST requests to the server, uploading arbitrary files that could include malicious scripts or executables. The product uses a rolling release strategy, making it difficult to pinpoint exact version numbers, but the vulnerability affects all versions up to the specified commit hash 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The vendor has not responded to early disclosure attempts, and no official patches or updates have been released. The vulnerability has a CVSS 4.0 score of 6.9, indicating a medium severity level, with network attack vector, low attack complexity, no privileges or user interaction required, and impacts on confidentiality, integrity, and availability at a low level. Although no known exploits in the wild have been reported yet, a public exploit is available, increasing the risk of exploitation. The unrestricted upload can lead to remote code execution, data manipulation, or denial of service if exploited successfully.

The unrestricted upload vulnerability in localGPT can have significant impacts on organizations deploying this software. Attackers can upload malicious files that may lead to remote code execution, allowing full system compromise. This can result in unauthorized data access, data corruption, or service disruption. Since the vulnerability requires no authentication or user interaction, it can be exploited by any remote attacker scanning for vulnerable instances. The rolling release nature of the product complicates patch management and vulnerability tracking, increasing exposure time. Organizations relying on localGPT for AI or language model services may face operational downtime, data breaches, or reputational damage. Additionally, if localGPT is integrated into larger systems or workflows, the compromise could cascade, affecting broader infrastructure.

Until an official patch is released, organizations should implement several specific mitigations: 1) Restrict network access to the localGPT backend server by limiting exposure to trusted IP addresses or internal networks only. 2) Deploy web application firewalls (WAFs) with rules to detect and block suspicious file upload patterns or HTTP POST requests targeting the vulnerable endpoint. 3) Implement custom validation and sanitization on the server side to restrict file types, sizes, and content for uploads, if possible by modifying the source code. 4) Monitor logs for unusual upload activity or unexpected file creations in the server directories. 5) Consider containerizing or sandboxing the localGPT service to limit the impact of a potential compromise. 6) Regularly review and update access controls and credentials associated with the service. 7) Stay alert for vendor updates or community patches and apply them promptly once available.