CVE-2026-54607
HIGHFastGPT: SSRF in HTTP-tool OpenAPI schema importer via SwaggerParser $ref (bypasses the isInternalAddress guard)
Title source: cnaDescription
FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns fetched content inline, allowing an authenticated team member to read internal services or cloud metadata. This issue is fixed in version 4.15.0-beta4.
References (4)
Core 4
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/labring/FastGPT/security/advisories/GHSA-72hf-5382-2mq9
X_Refsource_Misc x_refsource_misc
https://github.com/labring/FastGPT/pull/7073
X_Refsource_Misc x_refsource_misc
https://github.com/labring/FastGPT/commit/1d7b8768aecd53ae59372fd68b10af0e80722c79
X_Refsource_Misc x_refsource_misc
https://github.com/labring/FastGPT/releases/tag/v4.15.0-beta4
Scores
CVSS v3
7.7
EPSS
0.0024
EPSS Percentile
14.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-918
Status
published
Products (1)
labring/FastGPT
< 4.15.0-beta4
Published
Jul 07, 2026
Tracked Since
Jul 08, 2026