4 matches found
CVE-2026-44284
FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected internal/private network URLs, but the MCP tool create/update endpoints could still save an internal...
CVE-2026-44284
FastGPT (before 4.14.17) had an SSRF flaw in MCP tool URL handling. An authenticated user with permission to create/manage MCP toolsets could store an internal endpoint (e.g., http://localhost:3000/mcp) via the MCP tool create/update endpoints. The stored URL could be used later by the backend wo...
PT-2026-39209
Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.14.17 Description An inconsistent Server-Side Request Forgery SSRF protection gap exists in the handling of Model Context Protocol MCP tool URLs. While direct preview and run endpoints reject internal or private...
Fedora 26 : kernel (2018-57e732b89f)
The 4.14.18 stable update contains a number of important fixes across the tree, including some additional spectre mitigation. ---- The 4.14.17 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description bloc...