CVE-2026-55418: CWE-639: Authorization Bypass Through User-Controlled Key in labring FastGPT
CVE-2026-55418 is an authorization bypass vulnerability in labring FastGPT, an open source AI knowledge base platform. Prior to version 4.15.0-beta5, two file handlers in FastGPT authorize unrelated resources but then use an S3 object key from the request without verifying team ownership. Since S3 object keys are global within the bucket and tenant IDs appear only as path segments, an attacker can supply another team's key to access their file contents via certain endpoints. This issue is fixed in version 4.15.0-beta5.
AI Analysis
Technical Summary
FastGPT versions before 4.15.0-beta5 contain an authorization bypass vulnerability (CWE-639) where two file handlers authorize unrelated resources but then sign or read S3 objects using keys directly from user requests without verifying that the key belongs to the caller's team. Because S3 object keys are global within the bucket and tenant identification is only part of the path, an attacker can supply another team's key to access their files through the chat-file presign or dataset preview endpoints. This vulnerability allows unauthorized read access to other tenants' files. The issue is resolved in FastGPT version 4.15.0-beta5. The CVSS 3.1 score is 8.6 (high severity) with network attack vector, low complexity, no privileges required, no user interaction, and impact on confidentiality only.
Potential Impact
An attacker can bypass authorization controls to read files belonging to other teams by supplying their S3 object keys, leading to unauthorized disclosure of sensitive data stored in the FastGPT platform. The vulnerability affects confidentiality but does not impact integrity or availability. There are no known exploits in the wild. Because the service is cloud-hosted, the vendor manages remediation.
Mitigation Recommendations
This vulnerability is fixed in FastGPT version 4.15.0-beta5. Since FastGPT is a cloud service, the vendor typically manages remediation server-side. Users should verify with the vendor advisory that their service instance is updated to version 4.15.0-beta5 or later to ensure the vulnerability is mitigated. Patch status is confirmed as fixed in v4.15.0-beta5.
CVE-2026-55418: CWE-639: Authorization Bypass Through User-Controlled Key in labring FastGPT
Description
CVE-2026-55418 is an authorization bypass vulnerability in labring FastGPT, an open source AI knowledge base platform. Prior to version 4.15.0-beta5, two file handlers in FastGPT authorize unrelated resources but then use an S3 object key from the request without verifying team ownership. Since S3 object keys are global within the bucket and tenant IDs appear only as path segments, an attacker can supply another team's key to access their file contents via certain endpoints. This issue is fixed in version 4.15.0-beta5.
CVSS v3.1
Score 8.6high
Affected software
pkg:github/labring/FastGPTRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
FastGPT versions before 4.15.0-beta5 contain an authorization bypass vulnerability (CWE-639) where two file handlers authorize unrelated resources but then sign or read S3 objects using keys directly from user requests without verifying that the key belongs to the caller's team. Because S3 object keys are global within the bucket and tenant identification is only part of the path, an attacker can supply another team's key to access their files through the chat-file presign or dataset preview endpoints. This vulnerability allows unauthorized read access to other tenants' files. The issue is resolved in FastGPT version 4.15.0-beta5. The CVSS 3.1 score is 8.6 (high severity) with network attack vector, low complexity, no privileges required, no user interaction, and impact on confidentiality only.
Potential Impact
An attacker can bypass authorization controls to read files belonging to other teams by supplying their S3 object keys, leading to unauthorized disclosure of sensitive data stored in the FastGPT platform. The vulnerability affects confidentiality but does not impact integrity or availability. There are no known exploits in the wild. Because the service is cloud-hosted, the vendor manages remediation.
Mitigation Recommendations
This vulnerability is fixed in FastGPT version 4.15.0-beta5. Since FastGPT is a cloud service, the vendor typically manages remediation server-side. Users should verify with the vendor advisory that their service instance is updated to version 4.15.0-beta5 or later to ensure the vulnerability is mitigated. Patch status is confirmed as fixed in v4.15.0-beta5.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-06-16T21:48:43.125Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Is Cloud Service
- true
Threat ID: 6a4d7350c9d9e3dbe3e36b35
Added to database: 07/07/2026, 21:44:48 UTC
Last enriched: 07/07/2026, 21:58:15 UTC
Last updated: 07/07/2026, 22:31:14 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.