Lucene search
K

155 matches found

CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

FastGPT 安全漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.14.9.5 contained a security vulnerability. This vulnerability stemmed from the use of TypeScript type assertions in password-based login endpoints...

9.8CVSS5.9AI score0.00627EPSS
Exploits1References2
NVD
NVD
added 2026/04/10 9:16 p.m.3 views

CVE-2026-40252

FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability IDOR/BOLA allows any authenticated team to access and execute applications belonging to other teams by supplying a foreign appId. While the API correctly validates the team token, it does not verify...

8.1CVSS0.00342EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/10 8:52 p.m.21 views

CVE-2026-40252 Broken Access Control (IDOR) Leading to Cross-Tenant Application Access in FastGPT

FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability IDOR/BOLA allows any authenticated team to access and execute applications belonging to other teams by supplying a foreign appId. While the API correctly validates the team token, it does not verify...

5.3CVSS0.00342EPSS
Exploits0References2
CVE
CVE
added 2026/04/10 8:52 p.m.17 views

CVE-2026-40252

CVE-2026-40252 affects the FastGPT AI Agent building platform. The flaw is a Broken Access Control (IDOR/BOLA) where, before version 4.14.10.4, an authenticated user from one team could access and execute applications belonging to another team by supplying a foreign appId. The root cause is that ...

8.1CVSS6AI score0.00342EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/10 8:52 p.m.5 views

CVE-2026-40252 Broken Access Control (IDOR) Leading to Cross-Tenant Application Access in FastGPT

FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability IDOR/BOLA allows any authenticated team to access and execute applications belonging to other teams by supplying a foreign appId. While the API correctly validates the team token, it does not verify...

5.3CVSS6AI score0.00342EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 5:17 p.m.2 views

CVE-2026-40100

FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication. The internal IP check in isInternalAddress only blocks private IPs when CHECKINTERNALIP=true, which is not the default. This allows...

5.3CVSS0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/10 4:39 p.m.4 views

CVE-2026-40100 FastGPT has Unauthenticated SSRF in /api/core/app/mcpTools/runTool via missing CHECK_INTERNAL_IP default

FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication. The internal IP check in isInternalAddress only blocks private IPs when CHECKINTERNALIP=true, which is not the default. This allows...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/04/10 4:39 p.m.14 views

CVE-2026-40100

CVE-2026-40100 affects FastGPT prior to version 4.14.10.3. The /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication; the internal IP check in isInternalAddress() only blocks private IPs when CHECK_INTERNAL_IP is true (not the default), enabling unauthenticated SSR...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.10 views

FastGPT 代码问题漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models, developed by Labring. Versions of FastGPT prior to 4.14.10.3 contained code vulnerabilities. These vulnerabilities stemmed from the unvalidated acceptance of any URL via the...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

FastGPT 安全漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models, developed by Labring. Versions of FastGPT prior to 4.14.10.4 contained a security vulnerability. This vulnerability stemmed from improper access control: any authenticated team could access and...

8.1CVSS5.9AI score0.00342EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/01 5:3 p.m.3 views

CVE-2026-34162

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

10CVSS5.8AI score0.00416EPSS
Exploits1References1
NVD
NVD
added 2026/03/31 3:16 p.m.3 views

CVE-2026-34163

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's MCP Model Context Protocol tools endpoints /api/core/app/mcpTools/getTools and /api/core/app/mcpTools/runTool accept a user-supplied URL parameter and make server-side HTTP requests to it without validating whether the...

7.7CVSS0.00283EPSS
Exploits1References4
NVD
NVD
added 2026/03/31 3:16 p.m.6 views

CVE-2026-34162

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

10CVSS0.00416EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/31 1:43 p.m.3 views

EUVD-2026-17445

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

10CVSS5.8AI score0.00416EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/31 1:43 p.m.3 views

CVE-2026-34162 FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

10CVSS5.8AI score0.00416EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/31 1:43 p.m.26 views

CVE-2026-34162 FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

10CVSS0.00416EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/31 1:43 p.m.10 views

CVE-2026-34162

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

10CVSS5.8AI score0.00416EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/03/31 1:43 p.m.3 views

CVE-2026-34162 FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

10CVSS5.8AI score0.00416EPSS
Exploits1References6
CVE
CVE
added 2026/03/31 1:43 p.m.22 views

CVE-2026-34162

Product: FastGPTVulnerability: Unauthenticated SSRF via the /api/core/app/httpTools/runTool endpointImpact: Potential internal API key theft; full server-side HTTP proxy behavior exposes response dataAffected versions: before 4.14.9.5Fix/mitigation: Upgrade to 4.14.9.5 (patched)CVSSv3.1: 10.0 (CR...

10CVSS5.8AI score0.00416EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/31 1:43 p.m.25 views

CVE-2026-34163 Server-Side Request Forgery via MCP Tools Endpoint in FastGPT

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's MCP Model Context Protocol tools endpoints /api/core/app/mcpTools/getTools and /api/core/app/mcpTools/runTool accept a user-supplied URL parameter and make server-side HTTP requests to it without validating whether the...

7.7CVSS0.00283EPSS
Exploits1References4
Rows per page
Query Builder