What is the CVSS score of CVE-2026-34162?

CVE-2026-34162 has a CVSS 3.1 base score of 10.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L. EPSS exploitation probability: 0.1%.

Which versions of Fastgpt are affected by CVE-2026-34162?

FastGPT versions prior to 4.14.9.5 contain an unauthenticated HTTP proxy vulnerability that allows attackers to relay arbitrary requests through your server, enabling internal network reconnaissance,…. A patch is available.

How to fix or mitigate CVE-2026-34162?

Within 24 hours: Identify all FastGPT instances and verify versions (confirm if running <4.14.9.5). Within 7 days: Upgrade all instances to FastGPT v4.14.9.5 or later; test in staging environment before production deployment. Within 30 days: Review network logs for suspicious requests to /api/core/app/httpTools/runTool endpoint and conduct forensic analysis for unauthorized proxy activity; implement network segmentation to restrict outbound connections from FastGPT servers.

Fastgpt CVE-2026-34162

EUVD-2026-17445 CRITICAL

Missing Authentication for Critical Function (CWE-306)

2026-03-31 GitHub_M

Authentication Bypass Fastgpt

10.0

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

10.0 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

Low

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 05:47 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

4.14.9.5

EUVD ID Assigned

Mar 31, 2026 - 14:30 euvd

EUVD-2026-17445

Analysis Generated

Mar 31, 2026 - 14:30 vuln.today

CVE Published

Mar 31, 2026 - 13:43 nvd

CRITICAL 10.0

DescriptionGitHub Advisory

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint (/api/core/app/httpTools/runTool) is exposed without any authentication. This endpoint acts as a full HTTP proxy - it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers, and body, then makes a server-side HTTP request and returns the complete response to the caller. This issue has been patched in version 4.14.9.5.

AnalysisAI

Unauthenticated HTTP proxy abuse in FastGPT (AI Agent platform) prior to v4.14.9.5 allows remote attackers to relay arbitrary HTTP requests through the server. The /api/core/app/httpTools/runTool endpoint accepts user-controlled URLs, methods, headers, and body parameters without authentication, functioning as an open proxy for network pivoting, credential theft, and internal network reconnaissance. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Discover unauthenticated /api/core/app/httpTools/runTool endpoint

Exploit

Craft HTTP request with arbitrary baseUrl and toolPath

Execution

FastGPT server performs SSRF request to attacker-controlled target

Impact

Exfiltrate sensitive data or compromise internal systems