CVE-2026-0764
📋 TL;DR
CVE-2026-0764 is a critical deserialization vulnerability in GPT Academic's upload endpoint that allows unauthenticated remote attackers to execute arbitrary code with root privileges. This affects all installations of GPT Academic with the vulnerable upload functionality enabled. Attackers can exploit this without any authentication to gain complete control over affected systems.
💻 Affected Systems
- GPT Academic
📦 What is this software?
GPT Academic by Binary Husky
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with root-level code execution, data theft, lateral movement, and persistent backdoor installation.
Likely Case
Remote code execution leading to data exfiltration, cryptocurrency mining, or ransomware deployment.
If Mitigated
Attack blocked at network perimeter or application firewall; no impact if proper input validation is implemented.
🎯 Exploit Status
ZDI-CAN-27957 indicates proof-of-concept exists. The CVSS 9.8 score and unauthenticated nature make weaponization highly likely.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific patched version
Vendor Advisory: https://www.zerodayinitiative.com/advisories/ZDI-26-030/
Restart Required: Yes
Instructions:
1. Check the ZDI advisory for patched version.
2. Update GPT Academic to the latest secure version.
3. Restart the application/service.
4. Verify the upload endpoint no longer accepts malicious deserialization payloads.
🔧 Temporary Workarounds
Disable Upload Endpoint
All platforms: Temporarily disable the vulnerable upload functionality until patching is complete.
# Configuration dependent - disable in application config or via firewall
Network Segmentation
Linux: Restrict access to the GPT Academic upload endpoint using firewall rules.
# Example iptables rules: accept the trusted network first, then drop all other traffic to the port
iptables -A INPUT -p tcp --dport [GPT_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
iptables -A INPUT -p tcp --dport [GPT_PORT] -j DROP
🧯 If You Can't Patch
- Implement strict WAF rules to block deserialization payloads at the upload endpoint.
- Isolate the GPT Academic instance in a segmented network with no internet access.
🔍 How to Verify
Check if Vulnerable:
Test if the upload endpoint accepts serialized objects by sending a crafted payload and observing code execution or error responses.
Check Version:
# Check GPT Academic version in application interface or configuration files
Verify Fix Applied:
Attempt to send deserialization payloads to the upload endpoint; successful patches should reject or sanitize the input without executing code.
📡 Detection & Monitoring
Log Indicators:
- Unusual upload requests with serialized data patterns
- Unexpected process execution from GPT Academic context
- Error logs containing deserialization exceptions
Network Indicators:
- HTTP POST requests to upload endpoint containing serialized object patterns
- Outbound connections from GPT Academic to unknown external IPs
SIEM Query:
(source="gpt_academic.log" AND "upload" AND ("serialize" OR "deserialize")) OR (process="python" AND parent="gpt_academic")
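
For the "serialized data patterns" indicator above, one way to triage stored or captured upload bytes is to walk them as an opcode stream without ever loading them. This is an added example, not code from GPT Academic or the advisory; it assumes the serialized format is Python pickle, which this page does not state, and `inspect_upload` and the sample values are hypothetical names and constructed data.

```python
import pickle
import pickletools
from collections import OrderedDict

# Opcodes that make an unpickler import a name or call/construct an object.
RISKY_OPCODES = {"GLOBAL", "STACK_GLOBAL", "INST", "OBJ",
                 "NEWOBJ", "NEWOBJ_EX", "REDUCE", "BUILD"}


def inspect_upload(data: bytes) -> dict:
    """Classify upload bytes by walking pickle opcodes; nothing is unpickled."""
    seen = []
    reached_stop = False
    try:
        # genops only decodes opcodes and arguments; it never imports or calls.
        for opcode, _arg, _pos in pickletools.genops(data):
            seen.append(opcode.name)
        reached_stop = True  # genops raises unless it ends on STOP
    except Exception:
        pass  # parse failed: keep the opcodes seen up to that point

    # Protocol 2+ streams start with PROTO (0x80) and a version byte.
    has_proto = (len(data) > 1 and data[0] == 0x80
                 and data[1] <= pickle.HIGHEST_PROTOCOL)
    # A lone "." also parses as a stream, so require more than one opcode.
    is_pickle = has_proto or (reached_stop and len(seen) > 1)
    risky = sorted(set(seen) & RISKY_OPCODES) if is_pickle else []
    return {"is_pickle": is_pickle, "risky_opcodes": risky,
            "suspect": bool(risky)}


# Constructed, harmless samples: plain data, a pickle that imports a
# standard-library class, and a file that is not a pickle at all.
SAMPLE_DATA_ONLY = pickle.dumps({"paper": "notes.pdf", "pages": 3})
SAMPLE_WITH_IMPORT = pickle.dumps(OrderedDict(a=1), protocol=2)
SAMPLE_NOT_PICKLE = b"%PDF-1.7 constructed sample, not a pickle"

if __name__ == "__main__":
    for name, blob in [("data only", SAMPLE_DATA_ONLY),
                       ("with import", SAMPLE_WITH_IMPORT),
                       ("not pickle", SAMPLE_NOT_PICKLE)]:
        print(name, inspect_upload(blob))
```

The check is a heuristic: a stream that only carries plain data is reported as a pickle but not as suspect, and any upload that imports or constructs objects should be treated as untrusted regardless of which class it names.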