CVE-2026-26003
Unauthorized Access to FastGPT Plugin System Causes Crash
Publication date: 2026-02-10
Last updated on: 2026-02-23
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fastgpt | fastgpt | From 4.14.0 (inc) to 4.14.5 (exc) |
| fastgpt | fastgpt | 4.14.5 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-26003 is a critical vulnerability in the FastGPT AI Agent building platform versions 4.14.0 through 4.14.5. The issue arises because the plugin system endpoint FastGPT/api/plugin/xxx does not require authentication, allowing attackers to directly access the plugin system without any authorization.
This unauthorized access can cause the plugin system to crash and result in the loss of plugin installation status. However, it does not lead to leakage of sensitive keys. The vulnerability is due to a deprecated plugin forwarding interface that was removed in the fixed version 4.14.5-fix.
How can this vulnerability impact me?
If you are running FastGPT versions 4.14.0 through 4.14.5, attackers can exploit this vulnerability to access the plugin system without authentication.
- The plugin system may crash.
- You may lose the status of installed plugins.
While this does not result in key leakage, the instability and loss of plugin installation status can disrupt your platform's functionality and reliability. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if your FastGPT instance is exposing the unauthenticated plugin system endpoint at /api/plugin/xxx. Network monitoring or web server logs can be inspected for requests to paths matching /api/plugin/* that do not require authentication.
You can use commands like curl or wget to test if the endpoint is accessible without authentication. For example:
- curl -i http://{FastGPT_host}/api/plugin/test
- wget --spider http://{FastGPT_host}/api/plugin/test
If these commands return a response without requiring authentication or return plugin system data, the system is vulnerable.
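As an added illustration (not part of this advisory or the FastGPT project), the following Python checks whether a reported FastGPT version falls in the affected range given above and scans combined-format web server access log lines for requests under /api/plugin/; the log lines and the paths in them are constructed sample data.

```python
import re
from collections import Counter

# Affected range from the advisory: 4.14.0 <= v < 4.14.5, plus 4.14.5 itself;
# the fixed release is tagged 4.14.5-fix.
AFFECTED_MIN = (4, 14, 0)
AFFECTED_MAX = (4, 14, 5)

def is_affected(version: str) -> bool:
    """True if a FastGPT version string (e.g. '4.14.3', 'v4.14.5-fix') is affected."""
    base, _, suffix = version.strip().lstrip("v").partition("-")
    parts = tuple(int(p) for p in base.split("."))
    if len(parts) != 3:
        raise ValueError(f"unexpected version format: {version!r}")
    if parts == AFFECTED_MAX:          # 4.14.5 is affected unless it is the -fix build
        return suffix != "fix"
    return AFFECTED_MIN <= parts < AFFECTED_MAX

# Combined-format access log parser; only the fields we need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# Match /api/plugin and anything beneath it, but not e.g. /api/plugins
PLUGIN_PATH = re.compile(r"^/api/plugin(?:/|\?|$)")

def find_plugin_requests(log_lines):
    """Return (ip, method, path, status) for every request under /api/plugin."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if m and PLUGIN_PATH.match(m.group("path")):
            hits.append((m.group("ip"), m.group("method"), m.group("path"), int(m.group("status"))))
    return hits

def summarize(hits):
    """Count hits per (path, status); 2xx answers to unauthenticated callers are the concern."""
    return Counter((path.split("?")[0], status) for _, _, path, status in hits)

# Constructed sample log lines (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Feb/2026:12:00:01 +0000] "GET /api/plugin/test HTTP/1.1" 200 512 "-" "curl/8.5.0"
198.51.100.23 - - [10/Feb/2026:12:00:02 +0000] "GET /api/core/app/list HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Feb/2026:12:00:03 +0000] "GET /api/plugin/xxx?a=1 HTTP/1.1" 500 0 "-" "curl/8.5.0"
198.51.100.23 - - [10/Feb/2026:12:00:04 +0000] "GET /api/plugins HTTP/1.1" 404 0 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    print({v: is_affected(v) for v in ("4.14.0", "4.14.5", "4.14.5-fix")})
    print(summarize(find_plugin_requests(SAMPLE_LOG)))
```

A 500 on a plugin path after an unauthenticated request is consistent with the crash behaviour the advisory describes, so such lines are worth correlating with plugin-status loss on the host.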
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading FastGPT to version 4.14.5-fix, which removes the vulnerable plugin forwarding interface and adds authentication checks.
Alternatively, if upgrading immediately is not possible, you should disable all requests to the /api/plugin/* endpoint on your FastGPT host by implementing gateway or firewall rules to block this traffic.
- Upgrade FastGPT to version 4.14.5-fix.
- Block or disable all incoming requests to the /api/plugin/* endpoint via gateway or firewall rules.