CVE-2026-26075: FastGPT is an AI Agent building platform. Due to the fact that FastGPT's web page acquisition nodes, HTTP nodes, etc. ne
Summary
FastGPT is an AI Agent building platform (software for creating AI systems that perform tasks) that has a security vulnerability in components like web page acquisition nodes and HTTP nodes (parts that fetch data from servers). The vulnerability allows potential security risks when these nodes make data requests from the server, but it has been addressed by adding stricter internal network address detection (checks to prevent unauthorized access to internal systems).
Solution / Mitigation
This vulnerability is fixed in version 4.14.7. Update FastGPT to version 4.14.7 or later.
Vulnerability Details
EPSS: 0.0%
Classification
Taxonomy References
Affected Vendors
Related Issues
CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling
CVE-2026-26190: Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus expose
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-26075
First tracked: February 12, 2026 at 05:25 PM
Classified by LLM (prompt v3) · confidence: 85%