CVE-2026-26075: CWE-352: Cross-Site Request Forgery (CSRF) in labring FastGPT
CVE-2026-26075 is a Cross-Site Request Forgery (CSRF) vulnerability affecting labring's FastGPT AI Agent building platform versions prior to 4.14.7. The vulnerability arises because FastGPT's web page acquisition and HTTP nodes initiate data acquisition requests from the server without sufficient CSRF protections. This flaw could allow an attacker to trick an authenticated user into submitting unauthorized requests, potentially manipulating server-side operations. The vulnerability has a CVSS 4.0 base score of 6.9 (medium severity), indicating moderate impact with no authentication or user interaction required. Although no known exploits are currently reported in the wild, the issue is fixed in version 4.14.
AI Analysis
Technical Summary
CVE-2026-26075 is a medium severity Cross-Site Request Forgery (CSRF) vulnerability identified in labring's FastGPT platform, an AI Agent building tool that relies on web page acquisition and HTTP nodes to initiate data acquisition requests from its server. The vulnerability stems from insufficient CSRF protections on these server-initiated requests, allowing attackers to craft malicious web requests that can be executed in the context of an authenticated user without their consent. This could lead to unauthorized actions being performed on the server, such as manipulating data acquisition workflows or triggering unintended operations. The vulnerability does not require authentication or user interaction, increasing its risk profile. The vendor addressed the issue in FastGPT version 4.14.7 by enhancing internal network isolation and implementing stricter detection of internal network addresses to prevent exploitation. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N) reflects a network attack vector with low attack complexity, no privileges or user interaction required, and limited impact on confidentiality and integrity but some impact on availability. No public exploits are known at this time, but the vulnerability poses a risk to environments where FastGPT is deployed, especially those exposed to untrusted networks or users.
Potential Impact
For European organizations using FastGPT versions prior to 4.14.7, this vulnerability could lead to unauthorized server-side actions initiated via CSRF attacks. Potential impacts include manipulation of AI agent data acquisition processes, disruption of automated workflows, and possible degradation of service availability. While confidentiality impact is limited, integrity and availability could be affected if attackers exploit this flaw to alter or disrupt data acquisition tasks. Organizations relying on FastGPT for critical AI operations may face operational disruptions or data inconsistencies. The lack of required authentication or user interaction increases the risk of automated exploitation attempts, especially in environments where users access FastGPT interfaces from browsers exposed to malicious websites. This could be particularly concerning for sectors with high reliance on AI-driven automation, such as finance, manufacturing, or research institutions in Europe.
Mitigation Recommendations
European organizations should immediately upgrade FastGPT to version 4.14.7 or later to apply the vendor's fix. In addition to patching, organizations should implement strict network segmentation and internal network isolation to limit exposure of FastGPT servers to untrusted networks. Employing web application firewalls (WAFs) with rules to detect and block CSRF attack patterns can provide additional protection. Organizations should also enforce the use of anti-CSRF tokens in all web forms and API requests related to FastGPT interfaces. Monitoring and logging of unusual request patterns to FastGPT servers can help detect attempted exploitation. Finally, educating users about the risks of interacting with untrusted websites while authenticated to FastGPT can reduce the likelihood of successful CSRF attacks.
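The vendor fix described above is characterised as stricter detection of internal network addresses before a server-side node fetches a user-supplied URL. The following is an added example of that class of check, written for this page and not taken from the FastGPT project; the function names, the allow-list of schemes, the resolver injection point and the sample hostnames and addresses are all constructed here for illustration.

```python
"""Outbound-fetch guard: refuse URLs that point at internal network addresses.

Added example, not FastGPT project code. It models the kind of check the
advisory describes as the vendor's fix (stricter detection of internal
network addresses) for server-side web-page and HTTP fetch nodes.
All names and sample data below are assumptions made for this example.
"""
import ipaddress
import socket
from typing import Callable, List
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Shared address space (RFC 6598); not flagged by is_private on older Pythons.
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")

# A resolver maps a hostname to the list of IP address strings it answers with.
Resolver = Callable[[str], List[str]]


def system_resolver(host: str) -> List[str]:
    """Resolve through the OS. Production path; tests inject a fake instead."""
    infos = socket.getaddrinfo(host, None)
    return sorted({info[4][0] for info in infos})


def is_internal_ip(ip_text: str) -> bool:
    """True if a server-side node must never connect to this address."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return True  # unparsable address: fail closed
    # Unwrap IPv4-mapped IPv6 (::ffff:10.1.2.3) so the IPv4 rules apply to it.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (
        ip.is_private          # 10/8, 172.16/12, 192.168/16, fc00::/7, test nets
        or ip.is_loopback      # 127/8, ::1
        or ip.is_link_local    # 169.254/16 (cloud metadata endpoints), fe80::/10
        or ip.is_multicast
        or ip.is_reserved
        or ip.is_unspecified   # 0.0.0.0, ::
        or (ip.version == 4 and ip in CGNAT_NET)
    )


def check_fetch_url(url: str, resolver: Resolver = system_resolver) -> str:
    """Validate a fetch target and return the vetted IP to connect to.

    Raises ValueError for anything a fetch node must not contact. Returning
    the already-checked IP lets the caller connect to that exact address
    (pinning), so a changed DNS answer cannot slip in between check and use.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    if parts.username or parts.password:
        raise ValueError("credentials embedded in URL are not allowed")
    # Literal IPs are checked directly; names are resolved and every answer
    # is checked, so a hostname with one internal A record is still refused.
    try:
        ipaddress.ip_address(host)
        candidates = [host]
    except ValueError:
        candidates = resolver(host)
    if not candidates:
        raise ValueError(f"no address for host {host!r}")
    for ip in candidates:
        if is_internal_ip(ip):
            raise ValueError(f"{host!r} resolves to internal address {ip}")
    return candidates[0]


def is_safe_fetch_url(url: str, resolver: Resolver = system_resolver) -> bool:
    """Boolean wrapper around check_fetch_url for callers that only need yes/no."""
    try:
        check_fetch_url(url, resolver)
        return True
    except ValueError:
        return False


# Constructed resolver table for offline demonstration (no real DNS involved).
FAKE_DNS = {
    "docs.example.test": ["11.22.33.44"],              # constructed public address
    "mixed.example.test": ["11.22.33.44", "10.0.0.5"],  # one answer is internal
}


def fake_resolver(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])


if __name__ == "__main__":
    for u in ["https://docs.example.test/page", "http://mixed.example.test/",
              "http://169.254.169.254/latest/", "http://[::1]:8080/", "file:///etc/hosts"]:
        print(u, "->", "allowed" if is_safe_fetch_url(u, fake_resolver) else "refused")
```

Two design points matter in practice. First, every address a name resolves to is checked, not only the first, and the vetted address is what the caller should connect to; otherwise a second lookup at connect time can return a different answer. Second, the same check has to run again on every redirect the fetch follows, since an allowed public URL can redirect to an internal one.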
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-10T18:01:31.901Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 698e4e5cc9e1ff5ad8206a33
Added to database: 2/12/2026, 10:04:12 PM
Last enriched: 2/12/2026, 10:19:03 PM
Last updated: 2/13/2026, 12:21:33 AM