Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2026/05/08 11:16 p.m.14 views

CVE-2026-44286

FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery SSRF vulnerability allows attackers or authenticated users with App editing privileges to send arbitrary HTTP requests to internal/private network addresses. The fetchData function i...

2.3CVSS0.00228EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/08 10:17 p.m.54 views

CVE-2026-44286 FastGPT: SSRF Vulnerability in Laf Workflow Node via Missing Internal Address Validation

FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery SSRF vulnerability allows attackers or authenticated users with App editing privileges to send arbitrary HTTP requests to internal/private network addresses. The fetchData function i...

2.3CVSS0.00228EPSS
Exploits0References2
CVE
CVEadded 2026/05/08 10:17 p.m.19 views

CVE-2026-44286

FastGPT (AI Agent platform) contains an SSRF in the lafModule workflow node: fetchData fetches user-controlled URLs with axios without checking the internal-address blocklist (isInternalAddress), allowing requests to internal/private networks. This affects versions before 4.14.17 and can be trigg...

2.3CVSS5.9AI score0.00228EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/05/08 12:0 a.m.7 views

FastGPT 代码问题漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.14.17 contained code vulnerabilities. These vulnerabilities stemmed from the fetchData function in the lafModule workflow node, which used axios t...

2.3CVSS5.9AI score0.00228EPSS
Exploits0References1
OSV
OSVadded 2024/05/21 3:15 p.m.0 views

UBUNTU-CVE-2021-47366

In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...

5.5CVSS5.7AI score0.00208EPSS
Exploits0References5
OSV
OSVadded 2019/09/09 5:15 p.m.18 views

CVE-2019-16161

Onigmo through 6.2.0 has a NULL pointer dereference in onigerrorcodetostr because of fetchtoken in regparse.c...

7.5CVSS6.6AI score
Exploits0References2
seebug.org
seebug.orgadded 2014/02/24 12:0 a.m.18 views

Easytalk V2.5 注入漏洞之2

简要描述: 过滤不严。 详细说明: 在apiaction中。 public function userpreview $username=trimrawurldecode$this-post'username'; if $username parent::init; $user = M'Users'-where"username='$username'"-find; if $user if $user'cityid' //用户所在地 $dtModel=M'District'; $pdata = $dtModel-where"id='$usercityid'"-find; $pdata2 ...

7.1AI score
Exploits0
Rows per page
Query Builder