CNNVD-202602-1471 Information
CNNVD ID
CNNVD-202602-1471
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
FastGPT是labring开源的一款基于大语言模型的开源知识库问答系统。 FastGPT 4.14.0版本至4.14.5版本存在输入验证错误漏洞,该漏洞源于未经身份验证即可直接访问插件系统,可能导致插件系统崩溃和安装状态丢失。
Description (English)
FastGPT is an open-source knowledge base question-and-answer system based on a large-language model of the labring open source. FastGPT versions 4.14.0 to 4.14.5 have input authentication error holes that stem from direct access to the plugin system without authentication, which could lead to the collapse and loss of the installation status of the plugin system.
Vulnerability Type
输入验证错误
Affected Vendor
labring
Published
2026-02-10
Last Modified
2026-02-24
References
https://github.com/labring/FastGPT/releases/tag/v4.14.5-fix https://github.com/labring/FastGPT/commit/0beb52a2f3dc4067aab011cc98122d1352823b0c https://github.com/labring/FastGPT/security/advisories/GHSA-wcrg-g824-9gfg https://access.redhat.com/security/cve/cve-2026-26003
Patch
https://github.com/labring/FastGPT/releases
Share on: