AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-44287: FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/

mediumvulnerability

security

Source: NVD/CVE DatabaseMay 29, 2026CVE-2026-44287

Summary

FastGPT, an AI Agent building platform, had a vulnerability in its JavaScript sandbox worker that failed to properly block dynamic imports (a way to load code at runtime). An attacker could bypass the security filter using a comment syntax (import/**/("child_process")) that the filter didn't recognize, allowing them to execute arbitrary commands inside the sandbox container.

Solution / Mitigation

This vulnerability is fixed in version 4.15.0-beta1.

Vulnerability Details

CVSS Score

6.3(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

network

Attack Complexity

low

Privileges Required

low

User Interaction

none

Disclosure Date

May 29, 2026

Classification

Attack Type

Supply Chain

Attack SophisticationModerate

Impact (CIA+S)

integrityavailability

Taxonomy References

CWE (Weakness Type)

CWE-94 CWE-184

CAPEC (Attack Pattern)

CAPEC-242

MITRE ATLAS (AI/ML Threat Technique)

Affected Vendors

LangChain

Related Issues

medium

CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e

Similar attackNVD/CVE Database

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Similar attack

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-44287

First tracked: May 29, 2026 at 08:09 PM

Classified by LLM (prompt v3) · confidence: 92%