BuildingAI
CVE-2026-7065
MEDIUM
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
AnalysisAI
Server-side request forgery (SSRF) in BuildingAI up to version 26.0.1 allows remote unauthenticated attackers to abuse the Remote Upload API's uploadRemoteFile function by manipulating the url parameter, enabling unauthorized access to internal resources, data exfiltration from cloud metadata services, and potential pivoting to internal network systems. A publicly available exploit exists (GitHub issue #110), but the vendor has not responded to disclosure. CVSS 7.3 with EPSS data unavailable; exploitation requires no authentication and low attack complexity (AV:N/AC:L/PR:N/UI:N), making this a high-priority remediation target despite unknown CISA KEV status.
Technical ContextAI
Server-Side Request Forgery (CWE-918) occurs when an application fetches remote resources based on user-supplied URLs without proper validation. The vulnerable function uploadRemoteFile in file-storage.service.ts (TypeScript-based service layer, likely Node.js backend) accepts attacker-controlled url arguments and makes server-initiated HTTP requests. This allows attackers to abuse the application server as a proxy to access resources the server can reach but external attackers cannot-such as cloud instance metadata endpoints (169.254.169.254 for AWS/Azure/GCP), internal network services behind firewalls, or localhost services. The affected product BuildingAI (CPE: cpe:2.3:a:bidingcc:buildingai) appears to be an AI-focused application framework with file upload capabilities. The vulnerability exists in the core module's upload service component, suggesting it's a fundamental part of the application's file handling architecture.
RemediationAI
No vendor-released patch identified at time of analysis-BidingCC has not responded to the vulnerability disclosure in GitHub issue #110 despite early notification. In the absence of an official fix, implement the following compensating controls immediately: (1) Disable the Remote Upload API feature entirely if not business-critical by removing or commenting out the uploadRemoteFile endpoint in your BuildingAI configuration; this eliminates the attack surface but breaks remote file upload functionality for legitimate users. (2) If remote upload is required, implement strict allowlist validation on the url parameter-permit only specific approved domains/IP ranges and reject private IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8, 169.254.0.0/16, localhost) and cloud metadata endpoints (169.254.169.254); this reduces SSRF risk but requires maintenance as business needs change and may break legitimate internal resource access. (3) Deploy network segmentation to isolate BuildingAI servers from sensitive internal resources and cloud metadata services using firewall rules; this limits SSRF impact but does not prevent exploitation and requires infrastructure changes. (4) Monitor vendor response at https://github.com/BidingCC/BuildingAI for future patches and consider migration to alternative solutions if vendor remains unresponsive. Validate any future patch independently before deployment given vendor communication gap. For technical implementation details, reference the exploit disclosure at https://github.com/BidingCC/BuildingAI/issues/110 and VulDB analysis at https://vuldb.com/vuln/359640/cti.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today