External risk intelligence

Attacker can run any code on DocsGPT systems

CVE advisorySeverity: CRITICAL (CVSS 10.0)

CVE-2026-26015

DocsGPT has a critical flaw allowing attackers to run any code on your systems, even if they are publicly accessible, by exploiting a security bypass. Update to version 0.16.0 now.

4Halo Surface Signal

Remote Code Execution

Arc53 Docsgpt

0.15.0

External exposure likelihood

Halo Surface Signal score for CVE-2026-26015

DocsGPT is a web-based chat application designed for interacting with documentation. Such services are commonly deployed as public-facing web applications to provide user access. The vulnerability is reachable via the application's standard chat interface, which is typically exposed in the intended deployment patterns for this product.

Horizon Alert

Summary of the vulnerability and why it matters

A critical vulnerability in DocsGPT, a chat application for documentation, allows an attacker to execute arbitrary code on affected systems. This issue arises from a bypass of a security check, enabling attackers to compromise systems that are publicly accessible or locally deployed.

Allows arbitrary code execution.
Affects publicly accessible systems.
Bypasses a key security check.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can exploit this by sending specially crafted input to a vulnerable DocsGPT instance, bypassing security checks to execute arbitrary commands on the server. This could allow them to compromise the entire system hosting the application.

No authentication required.
Target is the chat interface.
Input bypasses security checks.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability is highly likely to be weaponized due to its critical severity and network-accessible nature, allowing for remote code execution without authentication. Attackers are drawn to such flaws because they offer a direct path to compromise systems and deploy further malicious activities.

Public exploit code exists.
Vulnerability is in a web application.
Patched recently.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize updating DocsGPT to version 0.16.0 or later to remediate the critical RCE vulnerability. If immediate patching is not feasible, isolate affected deployments to prevent exploitation.

Update DocsGPT to version 0.16.0.
Isolate network access to affected instances.
Monitor for suspicious outbound connections.

Frequently asked questions

What is DocsGPT and what is it used for?

DocsGPT is a chat application that uses GPT technology to help users interact with documentation. It is used for easily querying and understanding large sets of documentation.

What type of weakness does CVE-2026-26015 represent in DocsGPT?

CVE-2026-26015 is a critical vulnerability classified as CWE-77, which indicates improper neutralization of special elements that could lead to code injection. This allows for arbitrary remote code execution.

How can an attacker exploit this DocsGPT vulnerability?

An attacker can exploit this by sending a specially crafted, malicious payload to a DocsGPT instance. This payload is designed to bypass a security check, known as the "MCP test", leading to arbitrary code execution. No authentication is required to trigger this.

Who should be concerned about this DocsGPT vulnerability?

Organizations using DocsGPT should be concerned, especially if their deployments are internet-facing. The Halo Surface Signal indicates this is likely an external threat, meaning attackers could potentially reach it from the internet.

What is the first step to address this vulnerability in DocsGPT?

The immediate and most effective step is to update DocsGPT to version 0.16.0 or a later version, as this version includes the fix for the vulnerability.

References

Written by Nicholas Merritt

External-surface CVE analysis and Halo Surface Signal prioritization for Halo Threat Intelligence.