CVE-2026-42302
Severity: CRITICAL
FastGPT: Unauthenticated Remote Code Execution (RCE) via code-server Misconfiguration in agent-sandbox
Title source: cnaDescription
FastGPT is an AI Agent building platform. In versions from 4.14.10 up to but not including 4.14.13, the agent-sandbox component of FastGPT is vulnerable to unauthenticated Remote Code Execution (RCE). The startup script entrypoint.sh launches code-server with the --auth none flag and binds the service to all network interfaces (0.0.0.0:8080). With authentication disabled, anyone with network access to the port reaches the code-server web IDE, including its integrated terminal, without credentials and gains full control over the sandbox environment. This issue has been patched in version 4.14.13.
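The weak invocation described above beside a hardened one, plus a small text-level audit of the pattern. This is an added example, not FastGPT's entrypoint.sh or any code from the project: the two script bodies are constructed to show the shape of the problem, and the flag names (--auth, --bind-addr, --host, --disable-telemetry, the PASSWORD environment variable) are code-server's own. Note that code-server's defaults are already --auth password on 127.0.0.1:8080, so the vulnerable configuration overrides both safe defaults at once; the hardened form simply restores them and refuses to start without a password.

```shell
#!/bin/sh
# Added example, not FastGPT's own entrypoint.sh. Shows the weak code-server
# start-up pattern beside a hardened one and a heuristic audit function.

# Constructed sample of the weak pattern (assumed shape, not the real file):
# auth disabled and bound to every interface, so the port is an open shell.
VULN_ENTRYPOINT='#!/bin/sh
exec code-server --auth none --bind-addr 0.0.0.0:8080 /workspace'

# Hardened form: loopback-only bind, password auth from the environment,
# telemetry off. Reaching it from outside the container then needs an
# authenticated reverse proxy or a deliberate, explicit port publish.
HARDENED_ENTRYPOINT='#!/bin/sh
: "${PASSWORD:?PASSWORD must be set (login password for the IDE)}"
exec code-server --auth password --bind-addr 127.0.0.1:8080 --disable-telemetry /workspace'

# audit_entrypoint SCRIPT_TEXT
# Finds the first code-server command line in the script text, prints one
# finding per weak flag, and returns 1 if auth is disabled or the bind
# address is 0.0.0.0, 0 otherwise. Purely textual: it does not parse
# config.yaml, env files, or flags split across shell variables.
audit_entrypoint() {
  _script=$1
  _cmd=$(printf '%s\n' "$_script" \
    | grep -E '(^|[[:space:]])code-server([[:space:]]|$)' | head -n 1)
  if [ -z "$_cmd" ]; then
    echo "no code-server invocation found"
    return 0
  fi
  _rc=0
  case " $_cmd " in
    *" --auth none "*|*" --auth=none "*)
      echo "FINDING: authentication disabled (--auth none)"
      _rc=1 ;;
  esac
  case " $_cmd " in
    *" --bind-addr 0.0.0.0:"*|*" --bind-addr=0.0.0.0:"*|*" --host 0.0.0.0 "*|*" --host=0.0.0.0 "*)
      echo "FINDING: bound to all interfaces (0.0.0.0)"
      _rc=1 ;;
  esac
  return $_rc
}

# Usage: audit both samples; the weak one trips both findings.
audit_entrypoint "$VULN_ENTRYPOINT" || echo "vulnerable pattern detected"
audit_entrypoint "$HARDENED_ENTRYPOINT" && echo "hardened pattern passes"
```

Hardening the flags is necessary but not sufficient for a sandbox whose purpose is to run untrusted code: the port should still be unreachable from anything but the component that is supposed to drive it, and the password should be a per-deployment secret rather than a value baked into an image.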
References (4)
Advisory (x_refsource_confirm): https://github.com/labring/FastGPT/security/advisories/GHSA-34rc-438g-7w78
Pull request (x_refsource_misc): https://github.com/labring/FastGPT/pull/6781
Commit (x_refsource_misc): https://github.com/labring/FastGPT/commit/9d1cafce9241430fb5bcdd646455055c5f4ae0a4
Release v4.14.13 (x_refsource_misc): https://github.com/labring/FastGPT/releases/tag/v4.14.13
Scores
CVSS v3: 9.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.0072 (48.8th percentile)
Attack Vector: NETWORK
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: total
Details
CWE: CWE-306 (Missing Authentication for Critical Function)
Status: published
Products (1)
labring/FastGPT: >= 4.14.10, < 4.14.13
Published: May 08, 2026
Tracked Since: May 09, 2026