Description
FastGPT is an AI agent building platform. Because FastGPT's web page acquisition nodes, HTTP nodes and similar nodes initiate data-fetching requests from the server, they carry certain security risks. In addition to the internal network isolation that deployments should implement, this fix adds stricter internal network address detection. The vulnerability is fixed in 4.14.7.
Published: 2026-02-12
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Request Forgery
Action: Immediate Patch
AI Analysis

Impact

FastGPT, an AI agent building platform, suffers from a Cross‑Site Request Forgery vulnerability. The flaw originates in its web page acquisition nodes and HTTP nodes, which initiate data requests from the server. An attacker could exploit this to forge requests that are executed with the privileges of an authenticated user or system, potentially leading to unauthorized data manipulation or disclosure. The weakness is classified as CWE‑352.

Affected Systems

The affected product is FastGPT from labring. All releases before version 4.14.7 are vulnerable, as the fix is applied in the 4.14.7 release. No specific earlier version range was supplied, so administrators should consider any version older than 4.14.7 as impacted.

Risk and Exploitability

The CVSS score is 6.9, indicating moderate severity. The EPSS score is under 1%, so the likelihood of exploitation is currently low, and the vulnerability is not listed in CISA's KEV catalog. Attackers would need to trick a legitimate user into sending a forged request, or compromise the internal network that the web page acquisition nodes use, taking advantage of the lack of proper CSRF protections. Because the flaw involves state-changing operations, a successful attack could lead to unauthorized configuration changes or data exfiltration.

Generated by OpenCVE AI on April 18, 2026 at 12:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade FastGPT to version 4.14.7 or later, which contains the CSRF fix.
  • Ensure that all state‑changing endpoints enforce valid CSRF tokens and origin checks – if the framework does not automatically do this, configure it to require a CSRF token for every mutation operation.
  • Restrict the internal network usage of the web page acquisition and HTTP nodes to trusted IP ranges or disable these nodes where they are not needed, and enforce network segmentation to minimize exposure.
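The stricter internal network address detection that the description says the fix adds, and the restriction of the acquisition and HTTP nodes in the last action above, come down to a check on the target URL before the server connects. The TypeScript below is an added example written for this page, not FastGPT's own code; `isInternalAddress`, `checkFetchTarget` and the injected `resolve` function are assumptions, and the resolver used in place of DNS is constructed.

```typescript
import { isIP } from "node:net";
import { URL } from "node:url";
// Non-public IPv4 ranges: "this" network, RFC 1918, CGNAT, loopback, link-local, multicast.
const BLOCKED_V4: Array<[string, number]> = [
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10], ["127.0.0.0", 8],
  ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16], ["224.0.0.0", 4],
];

const v4ToInt = (ip: string): number =>
  ip.split(".").reduce((acc, o) => ((acc << 8) + Number(o)) >>> 0, 0);

const inCidrV4 = (ip: string, base: string, bits: number): boolean => {
  const mask = (0xffffffff << (32 - bits)) >>> 0;
  return ((v4ToInt(ip) & mask) >>> 0) === ((v4ToInt(base) & mask) >>> 0);
};

// True when an IP literal is loopback, private, link-local or otherwise not public.
// IPv4-mapped IPv6 (dotted and hex forms) is unwrapped so it cannot bypass the IPv4 list.
export function isInternalAddress(addr: string): boolean {
  if (isIP(addr) === 4) return BLOCKED_V4.some(([b, n]) => inCidrV4(addr, b, n));
  if (isIP(addr) !== 6) return true;                       // not an IP literal: treat as unsafe
  const a = addr.toLowerCase();
  if (a === "::" || a === "::1") return true;              // unspecified, loopback
  if (/^f[cd][0-9a-f]{2}:/.test(a) || /^fe[89ab][0-9a-f]:/.test(a)) return true; // fc00::/7, fe80::/10
  const dotted = a.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
  if (dotted) return isInternalAddress(dotted[1]);
  const hex = a.match(/^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/);
  if (hex) {
    const hi = parseInt(hex[1], 16), lo = parseInt(hex[2], 16);
    return isInternalAddress(`${hi >> 8}.${hi & 255}.${lo >> 8}.${lo & 255}`);
  }
  return false;
}
type Resolver = (host: string) => string[];   // hypothetical: DNS lookup, injected so this runs offline

// Decide whether a workflow node may fetch `raw`. The WHATWG URL parser canonicalises
// integer/hex hosts ("http://2130706433/") to dotted form, so they reach isInternalAddress.
// A real deployment must connect to the addresses checked here (not re-resolve the name)
// and must re-run the check on every redirect hop.
export function checkFetchTarget(raw: string, resolve: Resolver): { ok: boolean; reason?: string } {
  let url: URL | undefined;
  try { url = new URL(raw); } catch { /* leave undefined */ }
  if (!url) return { ok: false, reason: "malformed URL" };
  if (url.protocol !== "http:" && url.protocol !== "https:") return { ok: false, reason: "scheme not allowed" };
  const host = url.hostname.replace(/^\[|\]$/g, "");      // strip IPv6 brackets
  const addrs = isIP(host) ? [host] : resolve(host);
  if (addrs.length === 0) return { ok: false, reason: "host does not resolve" };
  const bad = addrs.find((ip) => isInternalAddress(ip));
  return bad ? { ok: false, reason: `resolves to internal address ${bad}` } : { ok: true };
}
```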

Tracking

Advisories

No advisories yet.

History

Mon, 23 Feb 2026 17:00:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Fastgpt
                                       Fastgpt fastgpt
CPEs                                   cpe:2.3:a:fastgpt:fastgpt:*:*:*:*:*:*:*:*
Vendors & Products                     Fastgpt
                                       Fastgpt fastgpt
Metrics                                cvssV3_1
                                       {'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N'}


Fri, 13 Feb 2026 21:45:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Labring
                                       Labring fastgpt
Vendors & Products                     Labring
                                       Labring fastgpt

Fri, 13 Feb 2026 16:15:00 +0000

Type                  Values Removed   Values Added
Metrics                                ssvc
                                       {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 12 Feb 2026 22:00:00 +0000

Type                  Values Removed   Values Added
Description                            FastGPT is an AI Agent building platform. Due to the fact that FastGPT's web page acquisition nodes, HTTP nodes, etc. need to initiate data acquisition requests from the server, there are certain security issues. In addition to implementing internal network isolation in the deployment environment, this optimization has added stricter internal network address detection. This vulnerability is fixed in 4.14.7.
Title                                  Cross-Site Request Forgery (CSRF) in FastGPT
Weaknesses                             CWE-352
References
Metrics                                cvssV4_0
                                       {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-13T16:05:39.311Z

Reserved: 2026-02-10T18:01:31.901Z

Link: CVE-2026-26075

Vulnrichment

Updated: 2026-02-13T16:05:33.255Z

NVD

Status: Analyzed

Published: 2026-02-12T22:16:06.817

Modified: 2026-02-23T16:52:24.110

Link: CVE-2026-26075

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T12:45:45Z

Weaknesses