122 matches found
CVE-2026-42302
FastGPT: agent-sandbox vulnerable in 4.14.10–4.14.12 due to entrypoint.sh launching code-server with --auth none and binding to 0.0.0.0:8080, enabling unauthenticated remote code execution and full sandbox access. The issue is mitigated in version 4.14.13. Practical impact is unauthenticated netw...
EUVD-2026-28850
FastGPT is an AI Agent building platform. From version 4.14.10 to before version 4.14.13, the agent-sandbox component of FastGPT is vulnerable to unauthenticated Remote Code Execution RCE. The startup script entrypoint.sh initializes code-server with the --auth none flag and binds the service to...
CVE-2026-42302
FastGPT is an AI Agent building platform. From version 4.14.10 to before version 4.14.13, the agent-sandbox component of FastGPT is vulnerable to unauthenticated Remote Code Execution RCE. The startup script entrypoint.sh initializes code-server with the --auth none flag and binds the service to...
PT-2026-39205
Name of the Vulnerable Software and Affected Versions FastGPT versions 4.14.10 through 4.14.12 Description The agent-sandbox component allows unauthenticated Remote Code Execution RCE, which is the ability to execute arbitrary commands on a remote machine. The startup script entrypoint.sh...
CVE-2026-41324 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, wazuh-dashboard, code-server, kibana, opensearch-dashboards-fips...
CVE-2026-41907 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, kubeflow-centraldashboard, renovate, kibana, actions-runner, langfuse, wazuh-dashboard-fips, prism, redisinsight, npm, opensearch-dashboards-fips, jitsucom-jitsu, dbgate-fips, wazuh-dashboard, argo-workflows, librechat, gemini-cli, langfuse-fip...
CVE-2026-41324 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, code-server...
CVE-2026-41907 vulnerabilities
Vulnerabilities for packages: argo-workflows, prism, opensearch-dashboards, sqlpad, renovate, jitsucom-jitsu, langfuse, npm, kubeflow-pipelines, saf, kubeflow-centraldashboard, code-server...
GHSA-RP42-5VXX-QPWR vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, code-server...
GHSA-RP42-5VXX-QPWR vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, wazuh-dashboard, code-server, kibana, opensearch-dashboards-fips...
CVE-2026-27903 vulnerabilities
Vulnerabilities for packages: node-gyp, eslint, pulumi, argo-workflows, prism, opensearch-dashboards, tileserver-gl, lerna, renovate, npm, vitess, serve, saf, code-server...
CVE-2026-27904 vulnerabilities
Vulnerabilities for packages: node-gyp, eslint, pulumi, argo-workflows, prism, opensearch-dashboards, tileserver-gl, lerna, renovate, npm, vitess, serve, saf, kubeflow-centraldashboard, code-server...
GHSA-7R86-CG39-JMMJ vulnerabilities
Vulnerabilities for packages: node-gyp, eslint, pulumi, argo-workflows, prism, opensearch-dashboards, tileserver-gl, lerna, renovate, npm, vitess, serve, saf, code-server...
GHSA-23C5-XMQV-RM74 vulnerabilities
Vulnerabilities for packages: node-gyp, eslint, pulumi, argo-workflows, prism, opensearch-dashboards, tileserver-gl, lerna, renovate, npm, vitess, serve, saf, kubeflow-centraldashboard, code-server...
CVE-2026-27699 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, langfuse, code-server...
GHSA-5RQ4-664W-9X2C vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, langfuse, code-server...
CVE-2026-27904 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, arangodb, kubeflow-centraldashboard, renovate, kibana, eslint, actions-runner, langfuse, prism, node-gyp, emscripten, npm, opensearch-dashboards-fips, vitess, argo-workflows, tileserver-gl, librechat, opentelemetry-auto-instrumentations-node,...
CVE-2026-27903 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, arangodb, renovate, kibana, eslint, actions-runner, langfuse, prism, node-gyp, emscripten, npm, opensearch-dashboards-fips, vitess, argo-workflows, tileserver-gl, librechat, opentelemetry-auto-instrumentations-node, tileserver-gl-fips, graalvm,...
GHSA-5RQ4-664W-9X2C vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, code-server, kibana, opensearch-dashboards-fips, langfuse, langfuse-fips...
CVE-2026-27699 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, code-server, kibana, opensearch-dashboards-fips, langfuse, langfuse-fips...