CVE-2026-40100
FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication. The internal IP check in isInternalAddress only blocks private IPs when CHECKINTERNALIP=true, which is not the default. This allows...
FastGPT Code Issue Vulnerability
FastGPT is an open-source knowledge base question-answering system based on large language models, developed by Labring. Versions of FastGPT prior to 4.14.10.3 contained code vulnerabilities. These vulnerabilities stemmed from the unvalidated acceptance of any URL via the...
CVE-2026-34162 FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft
FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...
VulnCheck KEV: CVE-2025-51482
Remote Code Execution in letta.server.restapi.routers.v1.tools.runtoolfromsource in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) through the runtool command, which exposes classes in the water.tools package via the ast parser. An attacker can shut down the server and write large files to arbitrary directories by exploiting the...
GHSA-WJPV-64V2-2QPQ H2O Vulnerable to Denial of Service (DoS) and File Write
In h2oai/h2o-3 version 3.46.0.1, the runtool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large files to arbitrary directories, leading to a denial of service...
H2O Resource Management Error Vulnerability
H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. A resource management error vulnerability exists in H2O version 3.46.0.1, which stems from the runtool command exposing classes in the water.tools package via the ast parser, which could lead to a deni...
CVE-2024-5979
In h2oai/h2o-3 version 3.46.0, the runtool command in the rapids component allows the main function of any class under the water.tools namespace to be called. One such class, MojoConvertTool, crashes the server when invoked with an invalid argument, causing a denial of service...
PT-2024-37289 · H2O.Ai · H2O-3
Name of the Vulnerable Software and Affected Versions: h2oai/h2o-3 version 3.46.0. Description: The issue allows the main function of any class under the water.tools namespace to be called through the run tool command in the rapids component. Specifically, the MojoConvertTool class can cause the...
Pytorch-Lightning Code Issue Vulnerability
Pytorch-Lightning is a lightweight open-source PyTorch wrapper from Lightning AI in the US, used for high-performance AI research. A code issue vulnerability exists in Pytorch-Lightning version v2.2.4, which stems from the runtool command in the rapids component that allows the main...