CVE-2026-44285 labring CVE debrief

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery (SSRF) vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by exploiting an incomplete fix in the dataset preview endpoint /api/core/dataset/file/getPreviewChunks when utilizing the externalFile data import type. This vulnerability is fixed in 4.15.0-beta1.

Vendor
labring
Product
FastGPT
CVSS
HIGH 7.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-29
Original CVE updated
2026-05-29
Advisory published
2026-05-29
Advisory updated
2026-05-29

Who should care

Anyone running FastGPT older than 4.15.0-beta1 in which users can create or edit datasets, above all multi-tenant or SaaS-style deployments, and any deployment whose application servers can reach internal HTTP services (cloud instance-metadata endpoints, admin consoles, internal APIs). Security teams that own AI/ML platform infrastructure and the network segmentation around it.

Technical summary

FastGPT before 4.15.0-beta1 contains an authenticated Server-Side Request Forgery (SSRF) in the dataset preview endpoint /api/core/dataset/file/getPreviewChunks. When a preview is requested with the externalFile import type, the server fetches a caller-supplied URL, and this code path gets around the global isInternalAddress check that is meant to stop the application from reaching private, loopback and link-local addresses. Any authenticated user can therefore make the FastGPT server issue arbitrary HTTP GET requests to internal network services. The advisory describes the impact as arbitrary GET requests and does not say whether response bodies are reflected to the caller; since the endpoint exists to preview fetched content, assume they are until you have verified otherwise. The flaw is an incomplete fix: a guard already existed, but this path was not covered by it, so earlier remediation of SSRF in the dataset importer did not close the whole attack surface. The advisory does not state the bypass technique, and nothing here should be read as describing it. Exploitation needs a valid account, but the requests originate from inside the deployment's network, where backend services are often not isolated from the application tier.

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade FastGPT to 4.15.0-beta1 or later. Note that 4.15.0-beta1 is a pre-release tag; if you cannot run a beta, treat the egress restrictions below as the interim control until a stable release containing the fix is available.
  • Restrict egress from the FastGPT application servers or pods with network policy or a host firewall: deny private, loopback and link-local ranges, in particular the instance-metadata address 169.254.169.254, and allow only the backends FastGPT actually needs. On cloud hosts, require IMDSv2 (or the provider's equivalent), which needs a PUT to obtain a token, so a GET-only SSRF cannot read instance credentials.
  • Audit outbound requests from the FastGPT application (egress proxy logs, flow logs, metadata-service access logs) for HTTP GETs to internal addresses, and correlate hits with calls to /api/core/dataset/file/getPreviewChunks using the externalFile type in the application logs.
  • Test the isInternalAddress protection on every endpoint that fetches a URL, not only the one named here. The usual ways such guards fail are DNS names that resolve to internal addresses, redirects to internal targets, alternate IPv4 spellings, IPv4-mapped IPv6 literals, and checking the URL string but not the address the connection actually goes to; the advisory does not say which of these, if any, applied to this CVE.
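One way to implement and exercise that kind of guard, covering both the bypass classes listed in the technical summary and the testing and log-audit actions above. This is an added example written for this debrief, not FastGPT's own code (FastGPT is a TypeScript project, so the example is TypeScript): it rejects non-http(s) schemes and userinfo, lets the WHATWG URL parser canonicalise alternate IPv4 spellings, requires every resolved address of a hostname to be public, treats IPv4-mapped IPv6 and anything it cannot classify as internal, re-validates redirect targets, and runs the same classifier over constructed egress log lines. The function names, the Resolver type, the log line format and the sample addresses are assumptions for the illustration.

```typescript
// Added example, not FastGPT's own code: a deny-by-default guard for server-side fetches of
// user-supplied URLs (the externalFile import case) and a small egress-log audit helper.
// Function names, the Resolver type, the log format and the sample addresses are assumptions.
export type Resolver = (host: string) => Promise<string[]>;

/** Strict dotted-quad parse to a 32-bit number; null for anything else. Leading zeros are
 *  rejected because 0177.0.0.1 is octal to some stacks and decimal to others. */
function parseIPv4Strict(s: string): number | null {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(s);
  if (!m) return null;
  let n = 0;
  for (const part of m.slice(1)) {
    if (part.length > 1 && part[0] === "0") return null;
    const v = Number(part);
    if (v > 255) return null;
    n = n * 256 + v;
  }
  return n;
}

function inCidr(ip: number, base: string, bits: number): boolean {
  const mask = bits === 0 ? 0 : (~0 << (32 - bits)) >>> 0;
  return ((ip & mask) >>> 0) === ((parseIPv4Strict(base)! & mask) >>> 0);
}

// Ranges a server-side fetcher must never reach: "this" network, RFC 1918, CGNAT, loopback,
// link-local (cloud metadata lives at 169.254.169.254), multicast, reserved and broadcast.
const BLOCKED_V4: Array<[string, number]> = [
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10], ["127.0.0.0", 8], ["169.254.0.0", 16],
  ["172.16.0.0", 12], ["192.168.0.0", 16], ["224.0.0.0", 4], ["240.0.0.0", 4],
];

/** True unless the address is an unambiguous public IPv4 or global-unicast IPv6 literal;
 *  anything the function cannot classify counts as internal (deny by default). */
export function isDisallowedIp(addr: string): boolean {
  const a = addr.trim().toLowerCase().replace(/^\[|\]$/g, "");
  const v4 = parseIPv4Strict(a);
  if (v4 !== null) return BLOCKED_V4.some(([b, bits]) => inCidr(v4, b, bits));
  // IPv4-mapped IPv6 in either spelling (::ffff:10.0.0.1 or ::ffff:a00:1) follows the v4 rules.
  const mapped = /^::ffff:(?:(\d+\.\d+\.\d+\.\d+)|([0-9a-f]{1,4}):([0-9a-f]{1,4}))$/.exec(a);
  if (mapped) {
    const inner = mapped[1] ? parseIPv4Strict(mapped[1])
      : parseInt(mapped[2], 16) * 65536 + parseInt(mapped[3], 16);
    return inner === null || BLOCKED_V4.some(([b, bits]) => inCidr(inner, b, bits));
  }
  // Only global unicast IPv6 (2000::/3) passes; ::1, ::, fc00::/7, fe80::/10, NAT64 and any
  // other shape stay blocked rather than being guessed at.
  return !/^[23][0-9a-f]{3}:[0-9a-f:]*$/.test(a);
}

/** Parses a user-supplied URL and rejects anything but plain http(s). The WHATWG parser already
 *  canonicalises 0x7f000001, 2130706433, 0177.0.0.1 and 127.1 to 127.0.0.1, so the strict
 *  parser above only ever sees dotted quads or bracketed IPv6 from here on. */
export function parseExternalUrl(raw: string): { href: string; host: string; isLiteral: boolean } {
  let u: URL | null = null;
  try { u = new URL(raw); } catch { /* handled below */ }
  if (u === null) throw new Error("unparseable URL");
  if (u.protocol !== "http:" && u.protocol !== "https:") throw new Error(`scheme ${u.protocol} rejected`);
  if (u.username || u.password) throw new Error("userinfo in URL rejected");
  const host = u.hostname;
  return { href: u.href, host, isLiteral: parseIPv4Strict(host) !== null || host.startsWith("[") };
}

/** Every address a name resolves to must be public, not just the first. Returns the address the
 *  caller should pin the connection to (keeping the original Host header), so the DNS answer
 *  cannot change between this check and the connect (DNS rebinding). */
export function checkAddresses(host: string, addrs: string[]): string {
  if (addrs.length === 0) throw new Error(`${host} did not resolve`);
  const bad = addrs.find(isDisallowedIp);
  if (bad !== undefined) throw new Error(`${host} -> ${bad} is not a public address`);
  return addrs[0].replace(/^\[|\]$/g, "");
}

export async function checkExternalUrl(raw: string, resolve: Resolver) {
  const { href, host, isLiteral } = parseExternalUrl(raw);
  return { href, host, ip: checkAddresses(host, isLiteral ? [host] : await resolve(host)) };
}

/** Redirects must not be auto-followed by the HTTP client (fetch with redirect: "manual");
 *  resolve each Location against the current URL and run the same check before the next hop. */
export function nextHop(current: string, location: string, resolve: Resolver) {
  return checkExternalUrl(new URL(location, current).href, resolve);
}

/** Flags app-originated HTTP GETs to non-public addresses in key=value egress lines, skipping
 *  an allowlist of the app's own backends. The line format is constructed for this example. */
export function auditEgressLog(lines: string[], knownBackends: string[]): string[] {
  const allow = new Set(knownBackends);
  return lines.filter((line) => {
    const m = /\bdst=(\S+).*\bmethod=GET\b/.exec(line);
    return m !== null && !allow.has(m[1]) && isDisallowedIp(m[1]);
  });
}

// Constructed sample lines, not real logs; the 169.254.169.254 hit is the one to investigate.
export const SAMPLE_EGRESS = [
  "2026-05-29T10:12:01Z app=fastgpt src=10.20.0.15 dst=93.184.216.34 method=GET path=/docs/a.pdf",
  "2026-05-29T10:12:02Z app=fastgpt src=10.20.0.15 dst=10.20.0.7 method=GET path=/health",
  "2026-05-29T10:12:03Z app=fastgpt src=10.20.0.15 dst=169.254.169.254 method=GET path=/latest/meta-data/",
];
```

The resolver is injected so the guard can be unit-tested offline with names that resolve to internal or mixed address sets, and so the caller can connect to the address that was checked rather than letting the HTTP client resolve the name a second time. Note that a guard like this still does nothing for an endpoint that never calls it, which is the shape of the incomplete fix this advisory describes; the check has to sit in the one code path every URL fetch goes through.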

Evidence notes

CVE published 2026-05-29. CVSS 7.7 (HIGH). CWE-918 (Server-Side Request Forgery). Fix version 4.15.0-beta1 confirmed in advisory.
