{"data":{"id":"388d5fe8-0a2b-4537-b09c-42d6221a6cad","title":"CVE-2026-26075: FastGPT is an AI Agent building platform. Due to the fact that FastGPT's web page acquisition nodes, HTTP nodes, etc. ne","summary":"FastGPT is an AI Agent building platform (software for creating AI systems that perform tasks) that has a security vulnerability in components like web page acquisition nodes and HTTP nodes (parts that fetch data from servers). The vulnerability allows potential security risks when these nodes make data requests from the server, but it has been addressed by adding stricter internal network address detection (checks to prevent unauthorized access to internal systems).","solution":"This vulnerability is fixed in version 4.14.7. Update FastGPT to version 4.14.7 or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-26075","publishedAt":"2026-02-12T22:16:06.817Z","cveId":"CVE-2026-26075","cweIds":["CWE-352"],"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["FastGPT"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00016,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}