CVE-2026-44286
Received Received - Intake
Unauthenticated SSRF in FastGPT AI Agent Platform

Publication date: 2026-05-08

Last updated on: 2026-05-11

Assigner: GitHub, Inc.

Description
FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows attackers (or authenticated users with App editing privileges) to send arbitrary HTTP requests to internal/private network addresses. The fetchData function in the lafModule workflow node uses axios to fetch user-controlled URLs without validating them against the application's internal network blocklist guard (isInternalAddress), bypassing SSRF protections. This issue has been patched in version 4.14.17.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-11
Generated
2026-06-19
AI Q&A
2026-05-09
EPSS Evaluated
2026-06-18
NVD
CVE-2026-44286
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
fastgpt fastgpt to 4.14.17 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability is a Server-Side Request Forgery (SSRF) in FastGPT, an AI Agent building platform. Before version 4.14.17, attackers or authenticated users with App editing privileges could exploit the fetchData function in the lafModule workflow node to send arbitrary HTTP requests to internal or private network addresses. This happens because the function uses axios to fetch user-controlled URLs without properly validating them against the application's internal network blocklist guard (isInternalAddress), effectively bypassing SSRF protections.

Impact Analysis

This vulnerability allows attackers to send unauthorized HTTP requests to internal or private network addresses, potentially accessing sensitive internal services or data that should be protected from external access. This can lead to information disclosure, unauthorized actions within the internal network, or further exploitation of internal systems.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade FastGPT to version 4.14.17 or later, where the SSRF issue has been patched.

Additionally, restrict or review user permissions to ensure that only trusted users have App editing privileges, as authenticated users with such privileges can exploit this vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44286. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart