Arc53: >> Docsgpt >> 0.15.0 Security Vulnerabilities
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the "MCP test" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0.
CVSS Score
10.0
EPSS Score
0.003
Published
2026-04-29