GHSA-68qg-g8mg-6pr7: paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass

April 10, 2026 (updated April 15, 2026)

An unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration. No user interaction, no credentials, just the target’s address. The entire chain is six API calls.

I verified every step against the latest version. I have a fully automated PoC script and a video recording available.

Discord: sagi03581

References

github.com/advisories/GHSA-68qg-g8mg-6pr7
github.com/paperclipai/paperclip
github.com/paperclipai/paperclip/security/advisories/GHSA-68qg-g8mg-6pr7

Code Behaviors & Features

Detect and mitigate GHSA-68qg-g8mg-6pr7 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →