CVE-2026-0763
📋 TL;DR
CVE-2026-0763 is a critical deserialization vulnerability in GPT Academic's run_in_subprocess_wrapper_func that allows unauthenticated remote attackers to execute arbitrary code as root. All installations of GPT Academic with the vulnerable function are affected. This vulnerability enables complete system compromise without requiring authentication.
💻 Affected Systems
- GPT Academic
📦 What is this software?
GPT Academic by Binary Husky
⚠️ Risk & Real-World Impact
Worst Case
Complete system takeover with root privileges, data exfiltration, ransomware deployment, and persistent backdoor installation across the network.
Likely Case
Remote code execution leading to data theft, cryptocurrency mining, or use as a pivot point for lateral movement within the network.
If Mitigated
Limited impact if network segmentation, strict firewall rules, and least privilege principles are implemented, potentially containing the breach to isolated segments.
🎯 Exploit Status
The ZDI-CAN-27958 identifier indicates the issue was handled through Zero Day Initiative's coordinated disclosure process; this suggests responsible disclosure, but private exploitation before a patch is available cannot be ruled out.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not yet released
Vendor Advisory: https://www.zerodayinitiative.com/advisories/ZDI-26-029/
Restart Required: Yes
Instructions:
1. Monitor GPT Academic vendor channels for security updates.
2. Apply the official patch immediately upon release.
3. Restart all GPT Academic services after patching.
🔧 Temporary Workarounds
Network Isolation
Restrict network access to GPT Academic instances using firewall rules to limit exposure.
# Example iptables rules (append the ACCEPT rule before the DROP rule so trusted traffic matches first):
iptables -A INPUT -p tcp --dport [GPT_ACADEMIC_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
iptables -A INPUT -p tcp --dport [GPT_ACADEMIC_PORT] -j DROP
Process Sandboxing
Run GPT Academic in a container or sandbox with minimal privileges to limit the impact of exploitation.
# Docker example:
docker run --read-only --cap-drop=ALL -u nobody gpt-academic-image
🧯 If You Can't Patch
- Immediately take affected systems offline until a patch can be applied
- Implement strict network segmentation and monitor for suspicious outbound connections
🔍 How to Verify
Check if Vulnerable:
Check if your GPT Academic installation contains the run_in_subprocess_wrapper_func function and review code for unsafe deserialization patterns.
Check Version:
Check GPT Academic documentation or package manager for version information specific to your installation method.
Verify Fix Applied:
After patching, verify the vulnerable function has been removed or secured, and test that deserialization attacks are no longer possible.
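The "review code for unsafe deserialization patterns" step above can be scripted. The following is an added example, not GPT Academic's own code: it parses each Python file with the standard `ast` module, reports whether `run_in_subprocess_wrapper_func` is defined, and lists calls to the usual Python deserialization APIs (pickle, marshal, dill, shelve, PyYAML without a Safe loader). The advisory does not name the exact API involved, so the list of APIs is an assumption about what a reviewer should look at; resolving import aliases (`import marshal as m`, `from pickle import loads`) avoids missing calls that a plain grep would. The `SAMPLE` module is constructed for the self-test and is not project code.

```python
import ast
import pathlib
import sys

# Function named in the advisory as the vulnerable entry point.
TARGET_FUNC = "run_in_subprocess_wrapper_func"

# Generic Python deserialization APIs that can instantiate arbitrary objects
# from untrusted bytes. Assumption: the advisory does not name the exact API,
# so these are the usual candidates a reviewer should examine.
UNSAFE_CALLS = {
    "pickle.load", "pickle.loads", "cPickle.load", "cPickle.loads",
    "marshal.load", "marshal.loads", "dill.load", "dill.loads",
    "shelve.open", "jsonpickle.decode", "yaml.unsafe_load",
}
# PyYAML loaders that are only safe when given a Safe*Loader.
YAML_CALLS = {"yaml.load", "yaml.load_all"}


def _import_map(tree):
    """Map local binding names to the module-qualified names they refer to."""
    names = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.asname:
                    names[alias.asname] = alias.name
                else:
                    top = alias.name.split(".")[0]
                    names[top] = top
        elif isinstance(node, ast.ImportFrom) and node.module:
            for alias in node.names:
                names[alias.asname or alias.name] = f"{node.module}.{alias.name}"
    return names


def _dotted(node):
    """Render a Call's func node as 'a.b.c', or None if it is not a plain name chain."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted(node.value)
        return f"{base}.{node.attr}" if base else None
    return None


def _resolve(name, names):
    """Replace the leading segment with its imported module name, if aliased."""
    head, dot, rest = name.partition(".")
    return names.get(head, head) + dot + rest


def _uses_safe_loader(call):
    """True if a yaml.load call passes a Safe*Loader (keyword or 2nd positional)."""
    loader = None
    for kw in call.keywords:
        if kw.arg == "Loader":
            loader = kw.value
    if loader is None and len(call.args) >= 2:
        loader = call.args[1]
    text = _dotted(loader) if loader is not None else None
    return "Safe" in (text or "")


def scan_source(src, path="<string>"):
    """Return which risky constructs appear in one Python source file."""
    tree = ast.parse(src, filename=path)
    names = _import_map(tree)
    result = {"path": path, "defines_target": False, "unsafe_calls": []}
    for node in ast.walk(tree):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            if node.name == TARGET_FUNC:
                result["defines_target"] = True
        elif isinstance(node, ast.Call):
            raw = _dotted(node.func)
            if raw is None:
                continue
            name = _resolve(raw, names)
            if name in UNSAFE_CALLS or (name in YAML_CALLS and not _uses_safe_loader(node)):
                result["unsafe_calls"].append((node.lineno, name))
    result["unsafe_calls"].sort()
    return result


def scan_tree(root):
    """Scan every .py file under root; return only files with something to review."""
    hits = []
    for path in sorted(pathlib.Path(root).rglob("*.py")):
        try:
            res = scan_source(path.read_text(encoding="utf-8", errors="replace"), str(path))
        except SyntaxError:
            continue  # not parseable by this interpreter; review by hand
        if res["defines_target"] or res["unsafe_calls"]:
            hits.append(res)
    return hits


# Constructed sample module (not GPT Academic code) used for the self-test below.
SAMPLE = """
import pickle
from yaml import load as yload, SafeLoader
import marshal as m

def run_in_subprocess_wrapper_func(payload):
    return pickle.loads(payload)

def parse_config(text):
    return yload(text, Loader=SafeLoader)

def restore(blob):
    return m.loads(blob)
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for res in scan_tree(sys.argv[1]):
            print(res["path"], "defines target:", res["defines_target"], res["unsafe_calls"])
    else:
        print(scan_source(SAMPLE, "sample.py"))
```

Run it as `python scan_deser.py /path/to/gpt_academic` to list every file that defines the named function or calls one of the listed APIs; on the constructed sample it flags the `pickle.loads` and aliased `marshal.loads` calls and ignores the YAML call because it passes `SafeLoader`. A hit is a review lead, not proof of the CVE: the reviewer still has to confirm whether the data reaching the call can be controlled by an unauthenticated client.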
📡 Detection & Monitoring
Log Indicators:
- Unusual process spawns from GPT Academic
- Deserialization errors or exceptions in application logs
- Root privilege escalation attempts
Network Indicators:
- Unexpected outbound connections from GPT Academic servers
- Command and control traffic patterns
- Data exfiltration to unknown external IPs
SIEM Query:
source="gpt-academic.log" AND ("deserialization" OR "subprocess" OR "root") | stats count by src_ip, user
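The SIEM query above groups keyword hits by source and user. As an added example (not part of the original page), the following Python triage turns the three log indicators into regular expressions, parses key=value log lines, counts hits per `(src_ip, user)` in the same way as `stats count by src_ip, user`, and flags sources that trip more than one indicator category, which is a stronger signal than any single keyword. The log format and field names (`src_ip`, `user`, `msg`) are assumptions, and the sample lines are constructed, not real GPT Academic output.

```python
import re
import shlex
from collections import defaultdict

# Indicator patterns derived from the log indicators listed above. Assumption:
# the application writes key=value lines with src_ip and user fields, matching
# the SIEM query's grouping; adapt parse_line() to the real log format.
INDICATORS = {
    "deserialization": re.compile(r"deserializ|unpickl|pickle", re.I),
    "subprocess": re.compile(r"subprocess|spawn|popen", re.I),
    "root": re.compile(r"\broot\b|uid=0", re.I),
}


def parse_line(line):
    """Split one key=value log line into a dict; the first token is the timestamp."""
    tokens = shlex.split(line)
    fields = {"ts": tokens[0]} if tokens else {}
    for tok in tokens[1:]:
        key, sep, val = tok.partition("=")
        if sep:
            fields[key] = val
    return fields


def classify(fields):
    """Return the set of indicator names whose pattern matches the message."""
    msg = fields.get("msg", "")
    return {name for name, rx in INDICATORS.items() if rx.search(msg)}


def triage_logs(text):
    """Count indicator hits per (src_ip, user), like `stats count by src_ip, user`."""
    counts = defaultdict(lambda: defaultdict(int))
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = parse_line(line)
        hits = classify(fields)
        if not hits:
            continue
        key = (fields.get("src_ip", "?"), fields.get("user", "?"))
        for name in hits:
            counts[key][name] += 1
    return {k: dict(v) for k, v in counts.items()}


def suspicious(counts, min_categories=2):
    """Sources that tripped at least min_categories distinct indicator types."""
    return sorted(k for k, v in counts.items() if len(v) >= min_categories)


# Constructed sample log lines (not real application output).
LOG_SAMPLE = """\
2026-01-10T08:00:01Z level=INFO src_ip=10.0.0.8 user=alice msg="request served /chat"
2026-01-10T08:00:05Z level=ERROR src_ip=203.0.113.7 user=anonymous msg="deserialization failed: invalid load key"
2026-01-10T08:00:06Z level=WARN src_ip=203.0.113.7 user=anonymous msg="subprocess spawned by worker"
2026-01-10T08:00:07Z level=INFO src_ip=10.0.0.8 user=alice msg="file upload complete"
2026-01-10T08:00:09Z level=WARN src_ip=203.0.113.7 user=anonymous msg="child process running as root (uid=0)"
"""

if __name__ == "__main__":
    counts = triage_logs(LOG_SAMPLE)
    for key, hits in counts.items():
        print(key, hits)
    print("escalate:", suspicious(counts))
```

On the sample, the internal user's normal requests produce no hits, while the unauthenticated external source accumulates one hit in each category and is returned by `suspicious()`. The keywords are deliberately broad, as in the SIEM query, so expect noise from legitimate subprocess use; requiring two or more categories from the same source is one way to cut it down before escalating.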