Description
FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin system. This may cause the plugin system to crash and the loss of plugin installation status, but it will not result in key leakage. For older versions, as there are only operation interfaces for obtaining information, the impact is almost negligible. This vulnerability is fixed in 4.14.5-fix.
Published: 2026-02-10
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Remote Access to Plugin System
Action: Immediate Patch
AI Analysis

Impact

FastGPT versions 4.14.0 through 4.14.5 allow attackers to call any plugin endpoint under /api/plugin/ without authentication. Unauthenticated requests to these endpoints can crash the plugin system or wipe its installation state, producing a denial‑of‑service against the plugin feature. The vulnerability does not expose sensitive data or credentials, but it compromises the availability of plugins and may affect the stability of the overall platform.

Affected Systems

The affected product is the FastGPT AI Agent building platform from labring. Versions 4.14.0 up to and including 4.14.5 are vulnerable; release 4.14.5‑fix contains the remedy. Versions earlier than 4.14.0 expose only read‑only plugin interfaces, so the impact on those releases is minor.

Risk and Exploitability

The CVSS score of 6.9 signals moderate severity, and the EPSS score of less than 1% indicates a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, so there is no evidence of widespread use. Exploitation requires only unauthenticated HTTP requests to the exposed plugin endpoints, with no special privileges or prior access. Because the flaw can crash the plugin subsystem rather than disclose data, the primary risk to the platform is denial of service, not data theft.

Generated by OpenCVE AI on April 17, 2026 at 20:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update FastGPT to the 4.14.5‑fix release or any later version that includes the authentication fix for the /api/plugin endpoints
  • If an update is not immediately possible, restrict or disable the /api/plugin/* endpoints to authenticated users only, preventing unauthenticated access
  • Implement network‑level rate limiting or firewall rules to block suspicious traffic targeting the plugin API until a patch can be applied

Advisories

No advisories yet.

History

Mon, 23 Feb 2026 18:15:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Fastgpt
                                      Fastgpt fastgpt
CPEs                                  cpe:2.3:a:fastgpt:fastgpt:*:*:*:*:*:*:*:*
                                      cpe:2.3:a:fastgpt:fastgpt:4.14.5:-:*:*:*:*:*:*
Vendors & Products                    Fastgpt
                                      Fastgpt fastgpt
Metrics                               cvssV3_1
                                      {'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L'}


Tue, 10 Feb 2026 21:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Labring
                                      Labring fastgpt
Vendors & Products                    Labring
                                      Labring fastgpt

Tue, 10 Feb 2026 19:15:00 +0000

Type                 Values Removed   Values Added
Metrics                               ssvc
                                      {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 10 Feb 2026 18:15:00 +0000

Type                 Values Removed   Values Added
Description                           FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin system. This may cause the plugin system to crash and the loss of plugin installation status, but it will not result in key leakage. For older versions, as there are only operation interfaces for obtaining information, the impact is almost negligible. This vulnerability is fixed in 4.14.5-fix.
Title                                 FastGPT Plugin forwarding request is not authenticated, posing a serious risk of attack
Weaknesses                            CWE-601
References
Metrics                               cvssV4_0
                                      {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-10T19:06:11.563Z

Reserved: 2026-02-09T17:41:55.859Z

Link: CVE-2026-26003

Vulnrichment

Updated: 2026-02-10T19:05:59.037Z

NVD

Status: Analyzed

Published: 2026-02-10T18:16:39.107

Modified: 2026-02-23T18:06:14.713

Link: CVE-2026-26003

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T20:45:25Z

Weaknesses