CVE-2026-54607
Received Received - Intake

Remote Reference Resolver Flaw in FastGPT Allows Internal Service Access

Vulnerability report for CVE-2026-54607, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-07

Last updated on: 2026-07-07

Assigner: GitHub, Inc.

Description

FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns fetched content inline, allowing an authenticated team member to read internal services or cloud metadata. This issue is fixed in version 4.15.0-beta4.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-07
Last Modified
2026-07-07
Generated
2026-07-08
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
fastgpt fastgpt to 4.15.0-beta4 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

The vulnerability allows an authenticated team member to read internal services or cloud metadata that should normally be protected. This can lead to unauthorized disclosure of sensitive internal information, potentially exposing infrastructure details or cloud environment metadata that could be leveraged for further attacks or data breaches.

Mitigation Strategies

To mitigate this vulnerability, upgrade FastGPT to version 4.15.0-beta4 or later, where the issue has been fixed.

Executive Summary

This vulnerability exists in FastGPT, a knowledge-based AI application platform, in versions prior to 4.15.0-beta4. The issue arises because the HTTP-tool OpenAPI schema importer only validates the top-level URL before passing it to SwaggerParser.bundle. The remote reference resolver in SwaggerParser.bundle fetches $ref URLs without applying FastGPT's internal-address guard. As a result, an authenticated team member can exploit this to read internal services or cloud metadata by having the fetched content returned inline.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-54607. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart