CVE-2026-61684 in FastGPTthông tin

Tóm tắt

Bởi MITRE • 15/07/2026

FastGPT is a knowledge-based AI application platform. In 4.15.0-beta4, FastGPT plugin invoke reverse-call endpoints under /api/invoke/* authenticate only by verifying a JWT signed with INVOKE_TOKEN_SECRET, which defaults to the constant string token and was not set in official deployment templates. An unauthenticated attacker can self-sign an HS256 JWT and reach /api/invoke/userInfo to disclose cross-tenant user PII by attacker-supplied tmbId values, or /api/invoke/fileUpload to write attacker-controlled content into chat files. This issue is fixed in version 4.15.0-beta5.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

chịu trách nhiệm

GitHub M

Đặt trước

10/07/2026

Tiết lộ

15/07/2026

Kiểm duyệt

được chấp nhận

EPSS

0.00000

KEV

không

Các hoạt động

thấp

Nguồn

Do you want to use VulDB in your project?

Use the official API to access entries easily!