What is the CVSS score of CVE-2026-34162?

CVE-2026-34162 has a CVSS 3.1 base score of 10.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L. EPSS exploitation probability: 0.1%.

Which versions of FastGPT are affected by CVE-2026-34162?

FastGPT versions prior to 4.14.9.5 contain an unauthenticated HTTP proxy vulnerability that allows attackers to relay arbitrary requests through your server, enabling internal network reconnaissance,…. A patch is available.

How to fix or mitigate CVE-2026-34162?

Within 24 hours: Identify all FastGPT instances and verify versions (confirm if running <4.14.9.5). Within 7 days: Upgrade all instances to FastGPT v4.14.9.5 or later; test in staging environment before production deployment. Within 30 days: Review network logs for suspicious requests to /api/core/app/httpTools/runTool endpoint and conduct forensic analysis for unauthorized proxy activity; implement network segmentation to restrict outbound connections from FastGPT servers.

FastGPT CVE-2026-34162

EUVD-2026-17445 CRITICAL

Missing Authentication for Critical Function (CWE-306)

2026-03-31 GitHub_M

Authentication Bypass

10.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

Low

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 05:47 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

4.14.9.5

EUVD ID Assigned

Mar 31, 2026 - 14:30 euvd

EUVD-2026-17445

Analysis Generated

Mar 31, 2026 - 14:30 vuln.today

CVE Published

Mar 31, 2026 - 13:43 nvd

CRITICAL 10.0

DescriptionNVD

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint (/api/core/app/httpTools/runTool) is exposed without any authentication. This endpoint acts as a full HTTP proxy - it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers, and body, then makes a server-side HTTP request and returns the complete response to the caller. This issue has been patched in version 4.14.9.5.

AnalysisAI

Unauthenticated HTTP proxy abuse in FastGPT (AI Agent platform) prior to v4.14.9.5 allows remote attackers to relay arbitrary HTTP requests through the server. The /api/core/app/httpTools/runTool endpoint accepts user-controlled URLs, methods, headers, and body parameters without authentication, functioning as an open proxy for network pivoting, credential theft, and internal network reconnaissance. …

RemediationAI

Within 24 hours: Identify all FastGPT instances and verify versions (confirm if running <4.14.9.5). Within 7 days: Upgrade all instances to FastGPT v4.14.9.5 or later; test in staging environment before production deployment. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-34162 vulnerability details – vuln.today

Back