
Fastgpt CVE-2026-40351

EUVD-2026-23557 · CRITICAL
Improper Neutralization of Special Elements in Data Query Logic (CWE-943)
Published 2026-04-17 · CNA: GitHub_M
CVSS 3.1 base score 9.8 (GitHub Advisory)

Severity by source

GitHub Advisory PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS Vector (GitHub Advisory)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Apr 27, 2026 19:39 (nvd): Patch released; patch available
Apr 17, 2026 22:22 (vuln.today): Re-analysis queued (cvss_changed); patch available
Apr 17, 2026 22:16 (EUVD): Analysis generated
Apr 17, 2026 22:09 (vuln.today): Analysis generated
Apr 17, 2026 21:45 (euvd): EUVD ID assigned (EUVD-2026-23557)
Apr 17, 2026 21:45 (vuln.today): Analysis generated
Apr 17, 2026 21:05 (nvd): CVE published, CRITICAL 9.8

Description (GitHub Advisory)

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {"$ne": ""}) as the password field. This NoSQL injection bypasses the password check, enabling login as any user including the root administrator. This issue has been fixed in version 4.14.9.5.
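As an added illustration (not FastGPT's own code; the request shape and function names are assumptions), the type-assertion pattern the advisory describes beside a runtime-validated version, plus a general check that catches MongoDB operator keys anywhere in a value before it reaches a query filter:

```typescript
// Hypothetical login body shape; FastGPT's real handler is not reproduced here.
type LoginBody = { username: string; password: string };

// Vulnerable pattern from the advisory: a type assertion only satisfies the
// compiler. At runtime `password` may be any JSON value, e.g. {"$ne": ""}.
function parseLoginUnchecked(body: unknown): LoginBody {
  return body as LoginBody;
}

// Hardened pattern: check the actual runtime types before any query is built.
// Returns null for anything that is not a plain object of two non-empty strings.
function parseLoginChecked(body: unknown): LoginBody | null {
  if (typeof body !== "object" || body === null || Array.isArray(body)) return null;
  const { username, password } = body as Record<string, unknown>;
  if (typeof username !== "string" || typeof password !== "string") return null;
  if (username.length === 0 || password.length === 0) return null;
  return { username, password };
}

// Defence in depth (generalised beyond the single payload on the page): true if
// any object key at any depth starts with "$", i.e. a MongoDB operator leaked in.
function containsMongoOperator(value: unknown): boolean {
  if (typeof value !== "object" || value === null) return false;
  if (Array.isArray(value)) return value.some(containsMongoOperator);
  for (const [key, inner] of Object.entries(value as Record<string, unknown>)) {
    if (key.startsWith("$")) return true;
    if (containsMongoOperator(inner)) return true;
  }
  return false;
}

// Filter a naive handler would hand to the users collection from the parsed body.
function buildUserFilter(login: LoginBody): Record<string, unknown> {
  return { username: login.username, password: login.password };
}
```

With the unchecked parser the operator object survives into the filter; with the checked parser the request is rejected before any query is built.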

Analysis (AI)

NoSQL injection in FastGPT <4.14.9.5 password authentication allows unauthenticated remote attackers to bypass login controls and access any account, including root administrator, by submitting MongoDB query operators instead of plaintext passwords. The vulnerability stems from missing runtime validation on password fields in the login endpoint. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify exposed FastGPT instance
Delivery: Send HTTP POST to login endpoint
Exploit: Inject MongoDB operator in password field
Execution: Bypass authentication logic
Persist: Receive admin session token
Impact: Access administrative functions

Vulnerability Assessment (AI)

Exploitation: No special conditions - remote unauthenticated exploitation against default configurations of FastGPT installations prior to version 4.14.9.5. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment: Real-world risk is CRITICAL based on multiple converging signals. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario: An unauthenticated attacker identifies a FastGPT instance exposed on the public internet through Shodan or targeted reconnaissance. They send an HTTP POST request to the password login endpoint with a JSON payload containing username 'root' and the password field set to {"$ne": ""} instead of a string. …
Remediation: Upgrade immediately to FastGPT version 4.14.9.5 or later, available at https://github.com/labring/FastGPT/releases/tag/v4.14.9.5. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended Action (AI)

Within 24 hours: Identify all FastGPT deployments running versions below 4.14.9.5 and inventory affected systems. …


CVE-2026-40351 vulnerability details – vuln.today
