Threats Tagged 'cve-2026-32128'
View all threats tagged with 'cve-2026-32128'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-32128'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-32128: CWE-184: Incomplete List of Disallowed Inputs in labring FastGPTCVE-2026-32128 0 CVE-2026-32128 is a medium severity vulnerability affecting FastGPT versions 4. 14. 7 and earlier. It arises from incomplete input filtering in FastGPT's Python Sandbox, allowing attackers to bypass file write restrictions by remapping stdout to an arbitrary writable file descriptor using fcntl. This bypass enables arbitrary file creation or overwriting inside the sandbox container despite intended protections. Exploitation requires low privileges but no user interaction and can impact confidentiality, integrity, and availability within the sandbox environment. No known exploits are currently reported in the wild. Organizations using FastGPT AI Agent building platform should prioritize patching or mitigating this vulnerability to prevent potential sandbox escape or unauthorized file manipulation. The vulnerability is relevant globally but especially critical in countries with significant AI development and deployment using FastGPT. The CVSS score is 6. Join the discussion | CVE Database V5 | 03/11/2026, 21:30:26 UTC Added: 03/11/2026, 21:44:47 UTC |
Showing 1 to 1 of 1 result