CVE-2026-56782: Critical Authentication Bypass in Gorse
TL;DR - Gorse before 0.5.10 can expose
/api/dumpand/api/restorewithout auth whenadmin_api_keyis empty. - Internet-reachable instances risk full data theft or destructive dataset overwrite. - Upgrade to 0.5.10+, set a non-empty admin key, and review logs immediately.
| Field | Value |
|---|---|
| CVE ID | CVE-2026-56782 |
| CVSS score | 9.8 |
| Attack vector | Network |
| Auth required | None, under the vulnerable condition described by NVD |
| Patch status | Fixed in Gorse 0.5.10 |
Vulnerability at a Glance
CVE-2026-56782 is a critical authentication bypass in Gorse, the open source recommendation engine project maintained under gorse-io. According to the NVD description, Gorse before 0.5.10 is vulnerable because the administrative endpoints /api/dump and /api/restore can be accessed without authentication when admin_api_key is empty, which the NVD notes is the default configuration.
That combination matters operationally. This is not merely a misconfiguration edge case buried behind obscure features. The vulnerable condition lines up with a default state, and the affected endpoints are highly sensitive: one can export the backing dataset, and the other can replace it. For defenders, that means the practical blast radius is both data confidentiality loss and data integrity destruction, with possible downstream business impact if recommendation data, user records, or behavioral feedback are part of production workflows.
What This Vulnerability Means in Practice
The core issue is missing or ineffective authentication enforcement on protected administrative functions. In a secure deployment, a request to administrative backup or restore functionality should require a valid admin credential. Here, the NVD states that when admin_api_key is unset or empty, the affected endpoints may still be callable by an unauthenticated remote party.
In practice, an attacker who can reach the Gorse API may be able to call /api/dump to retrieve the full database contents. The same exposure may allow use of /api/restore to overwrite the database with attacker-controlled data. Even where the application itself does not store classic secrets, recommendation platforms often contain sensitive business telemetry, user identifiers, item metadata, and feedback events that can qualify as personal or regulated data depending on the environment.
Affected Versions and Exposure Conditions
The affected version range is explicitly described as “Gorse before 0.5.10.” The fixed version threshold is therefore Gorse 0.5.10. If you are running 0.5.9 or earlier, you should treat the instance as vulnerable unless you have independently verified that the affected endpoints are not reachable and that a non-empty admin key is enforced.
The most important exposure condition is the NVD statement that admin_api_key is empty by default. A vulnerable version alone does not automatically mean internet compromise, but a vulnerable version plus empty admin key plus reachable API surface is enough to create a serious unauthenticated attack path. If you do not have configuration inventory proving otherwise, defenders should assume any externally reachable pre-0.5.10 deployment may be exposed.
CVSS Score Breakdown
The CVSS 9.8 score places this issue firmly in critical territory. Although the specific vector string was not available in the research note, a 9.8 score is consistent with a network-exploitable, unauthenticated vulnerability with high impact across confidentiality, integrity, and likely availability.
That scoring matches the described outcomes. Confidentiality impact is effectively complete because the vulnerable endpoint can dump the entire data set. Integrity impact is also effectively complete because the restore endpoint can overwrite the full dataset. Availability or operational impact may follow from destructive restore actions, corrupted recommendation state, broken user-item relationships, or emergency recovery work after malicious tampering.
Exploitation Status
At the time of writing, the available research does not confirm exploitation in the wild. The vulnerability is not currently listed in CISA KEV, and the research note did not confirm active exploitation telemetry from other trusted sources. That is useful context, but it should not reduce urgency for exposed systems.
A public standalone PoC repository was not confirmed from the gathered source set. However, the affected behavior is simple enough that many attackers would not need a polished proof of concept if endpoint access is exposed. In other words: no confirmed PoC and no confirmed in-the-wild exploitation are the current knowns, but defenders should still assume opportunistic scanning is plausible because the vulnerable paths and conditions are publicly described.
Who Should Prioritize This First
Organizations running Gorse in production should prioritize triage if the service is internet-accessible, sits behind an API gateway, or is used in cloud-native environments where administrative paths may have been exposed unintentionally. SaaS teams, e-commerce platforms, media platforms, and internal personalization services are the most likely to have real data at stake.
SMBs should not assume that a niche recommendation platform is too obscure to be targeted. Vulnerabilities involving backup and restore endpoints often get picked up quickly by scanners because the attacker payoff is obvious: bulk data theft and service disruption without needing valid credentials. If your team lacks good asset visibility, start by identifying all instances of Gorse and any reverse proxy routes exposing /api/.
Bottom Line
CVE-2026-56782 is a critical Gorse authentication bypass affecting versions before 0.5.10. If admin_api_key is empty, which NVD states is the default configuration, unauthenticated attackers may access /api/dump and /api/restore to steal or overwrite the full dataset.
There is no confirmed in-the-wild exploitation in the provided research, and a public PoC was not confirmed. That said, defenders should not wait for exploitation confirmation. If you run Gorse, move to 0.5.10, set a non-empty admin key, restrict endpoint exposure, and audit logs for any past access to these administrative paths.
For further reading, you may also check our articles on when a security incident becomes a reportable data breach and the best SOAR platforms compared for 2026.
This article may contain affiliate links. We earn a commission on qualifying purchases at no extra cost to you.
Detection and Triage
Your first triage objective is to answer three questions: Are we running a version before 0.5.10? Is admin_api_key empty? Are /api/dump or /api/restore reachable from untrusted networks? If the answer to all three is yes or unknown, treat the instance as high risk until remediated.
Your second objective is retrospective review. Search reverse proxy, ingress, load balancer, WAF, and application logs for requests to the sensitive endpoints. Because the vulnerability involves administrative functionality, even a small number of unexpected requests should be investigated. If you find successful access from unknown IPs, assume the data in Gorse may have been copied or altered and plan for incident response, including data integrity validation and stakeholder notification where required.
Technical Notes
Look for HTTP requests hitting these paths:
/api/dump
/api/restore
Example grep patterns for common access logs:
grep -E '(/api/dump|/api/restore)' /var/log/nginx/access.log
grep -E '(/api/dump|/api/restore)' /var/log/apache2/access.log
grep -R -E '(/api/dump|/api/restore)' /var/log/
Example suspicious log pattern to flag:
203.0.113.24 - - [29/Jun/2026:10:14:22 +0000] "GET /api/dump HTTP/1.1" 200 1843921 "-" "curl/8.5.0"
198.51.100.10 - - [29/Jun/2026:10:18:41 +0000] "POST /api/restore HTTP/1.1" 200 532 "-" "python-requests/2.32.0"
Example Splunk query:
index=web OR index=proxy
(uri_path="/api/dump" OR uri_path="/api/restore")
| stats count min(_time) as first_seen max(_time) as last_seen values(status) values(src_ip) values(user_agent) by host, uri_path
Example Sigma-style logic for translation into your SIEM:
title: Gorse Sensitive Endpoint Access
logsource:
category: webserver
detection:
selection:
cs-uri-stem:
- "/api/dump"
- "/api/restore"
condition: selection
level: high
If you do not have application logs, use network telemetry from your ingress controller, service mesh, cloud load balancer, or firewall. In the absence of direct evidence, defenders should assume that exposed endpoints may already have been probed.
Mitigation and Patching
The primary fix is to upgrade to Gorse 0.5.10 or later. The affected range is explicitly before 0.5.10, so the minimum safe target named in the available sources is 0.5.10. If you package Gorse through containers or an internal artifact registry, verify that the deployed image actually maps to 0.5.10+ and is not merely tagged ambiguously.
You should also set a non-empty admin_api_key and restrict network access to administrative API paths. Even after patching, administrative functions should not be broadly reachable from the internet unless there is a tightly controlled operational reason. Prefer IP allowlisting, internal-only exposure, or routing admin operations through a secured management plane. If you cannot patch immediately, reducing exposure and setting the admin key are the fastest compensating actions.
Technical Notes
If you run Gorse from source or binaries, first verify the current version using whatever deployment metadata your team maintains. If your deployment uses a container image, inspect the running image tag and digest before replacement.
Example Docker-style upgrade flow:
docker pull gorse/gorse:0.5.10
docker stop gorse
docker rm gorse
docker run -d --name gorse \
-p 8080:8080 \
-e GORSE_ADMIN_API_KEY='replace-with-strong-random-value' \
gorse/gorse:0.5.10
Example Docker Compose snippet with an explicit admin key:
services:
gorse:
image: gorse/gorse:0.5.10
environment:
GORSE_ADMIN_API_KEY: "replace-with-strong-random-value"
ports:
- "8080:8080"
If your deployment uses a configuration file rather than environment variables, set a non-empty value for admin_api_key. The exact file path varies by deployment, so do not assume a universal location without checking your own build and packaging method.
Network-level workaround examples while emergency patching is in progress:
location ~ ^/api/(dump|restore)$ {
allow 10.0.0.0/8;
deny all;
}
Kubernetes ingress example:
nginx.ingress.kubernetes.io/whitelist-source-range: "10.0.0.0/8,192.168.0.0/16"
If you suspect compromise, do more than patch. Validate dataset integrity, compare current state to trusted backups, and review whether exported Gorse data contained PII or business-sensitive telemetry. If yes, involve legal, privacy, and incident response stakeholders.
Recovery and Post-Patch Validation
After remediation, confirm both version state and access control behavior. A successful patch cycle should leave you on 0.5.10 or later, with admin_api_key populated and the sensitive endpoints inaccessible to unauthenticated external clients. Test from a non-trusted network segment if possible, not just from within the cluster or host.
You should also review whether historical access logs show successful requests to /api/dump or /api/restore. If they do, validate whether the requests were legitimate maintenance operations. Where legitimacy cannot be proven, assume exposure. For affected businesses, a practical response may include restoring from a known-good backup, revalidating recommendation data pipelines, and preserving logs for incident handling.
References
Primary and upstream references tied to this vulnerability:
- NVD patch commit: https://github.com/gorse-io/gorse/commit/19fdcbb309fb5b609e9cc3eb10c74885b5b27da9
- Upstream issue discussion: https://github.com/gorse-io/gorse/issues/1292
- Upstream pull request: https://github.com/gorse-io/gorse/pull/1293
- Official project site: https://gorse.io
- Source repository: https://github.com/gorse-io/gorse
- Third-party advisory referenced by NVD: https://www.vulncheck.com/advisories/gorse-unauthenticated-database-dump-and-restore-via-api-dump-and-api-restore-endpoints