Server-Side Request Forgery Vulnerability in FastGPT by Labring
CVE-2026-61646

6.3MEDIUM

Key Information:

Vendor

Labring

Status
Vendor
CVE Published:
15 July 2026

What is CVE-2026-61646?

FastGPT is a knowledge-based AI application platform that prior to version 4.15.0-beta5 had a vulnerability allowing an authenticated user to exploit the platform’s shared SSRF guard. This guard only validated the initial request URL, failing to block subsequent redirects made by axios, which follows URL redirects by default. An attacker could leverage this flaw by configuring an HTTP request node to point to a malicious URL, ultimately redirecting to sensitive internal services, cloud metadata, or loopback addresses that would normally be protected. The response body would then be returned to the user, allowing potential exfiltration of sensitive information. This issue has been addressed and fixed in version 4.15.0-beta5.

Affected Version(s)

FastGPT < 4.15.0-beta5

References

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.