Lucene search
K

4 matches found

NVD
NVD
added 2026/05/08 11:16 p.m.19 views

CVE-2026-44284

FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected internal/private network URLs, but the MCP tool create/update endpoints could still save an internal...

6.3CVSS0.00235EPSS
Exploits0References4
CVE
CVE
added 2026/05/08 10:12 p.m.21 views

CVE-2026-44284

FastGPT (before 4.14.17) had an SSRF flaw in MCP tool URL handling. An authenticated user with permission to create/manage MCP toolsets could store an internal endpoint (e.g., http://localhost:3000/mcp) via the MCP tool create/update endpoints. The stored URL could be used later by the backend wo...

6.3CVSS5.8AI score0.00235EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39209

Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.14.17 Description An inconsistent Server-Side Request Forgery SSRF protection gap exists in the handling of Model Context Protocol MCP tool URLs. While direct preview and run endpoints reject internal or private...

6.3CVSS5.9AI score0.00235EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.14 views

Fedora 26 : kernel (2018-57e732b89f)

The 4.14.18 stable update contains a number of important fixes across the tree, including some additional spectre mitigation. ---- The 4.14.17 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description bloc...

5.5AI score
Exploits0References1
Rows per page
Query Builder