3 matches found
CVE-2026-26003 FastGPT Plugin forwarding request is not authenticated, posing a serious risk of attack
FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin system. This may cause the plugin system to crash and the loss of plugin installation status, but ...
CVE-2026-26003
CVE-2026-26003 affects FastGPT versions 4.14.0–4.14.5, where an unauthenticated attacker can access the plugin system via FastGPT/api/plugin/xxx, potentially crashing the plugin system and causing loss of plugin installation status. The impact on confidentiality/integrity is limited, with availab...
CVE-2026-26003 FastGPT Plugin forwarding request is not authenticated, posing a serious risk of attack
FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin system. This may cause the plugin system to crash and the loss of plugin installation status, but ...