CVE-2026-13483
Last modified
CVE-2026-13483 is a low-severity vulnerability rated 3.1/10 on the CVSS scale. A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. EPSS estimates a 0.10% chance of exploitation in the next 30 days.
Description
A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Metrics
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| arc53 | DocsGPT | 0.1; 0.2; 0.3; 0.4; 0.5; 0.6; 0.7; 0.8; 0.9; 0.10; 0.11; 0.12; 0.13; 0.14; 0.15; 0.16; 0.17; 0.18.0 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-13483?
How severe is CVE-2026-13483?
How do I fix CVE-2026-13483?
Related CVEs from 2026
- CVE-2026-1346IBM Verify Identity Access Container 11.0 through 11.0.2 and…7.8
- CVE-2026-13461When coupled with the SSL bypass vulnerability, JavaScript c…9.6
- CVE-2026-13462PayRange Android app, version 7.0.7 and below, contains an S…7.5
- CVE-2026-13468The Visualizer – Tables & Charts Manager with Built-in AI Ge…7.5
- CVE-2026-13474Denial of service via malformed HTTP/2 requests in NetScaler…7.5
- CVE-2026-13482A vulnerability was detected in skypilot-org skypilot up to …3.7
- CVE-2026-13484A vulnerability has been found in MLflow up to 4666cffc7912e…8.8
- CVE-2026-13485A vulnerability was found in SourceCodester Class and Exam T…7.3
- CVE-2026-13486A vulnerability was determined in SourceCodester Class and E…7.3
- CVE-2026-13487A vulnerability was identified in SourceCodester Class and E…7.3
- CVE-2026-13488A security flaw has been discovered in SourceCodester Class …7.3
- CVE-2026-13489A weakness has been identified in 78 xiaozhi-esp32 up to 2.2…3.1
Are you affected by CVE-2026-13483?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
