CVE-2026-34162 CRITICAL

CVE-2026-34162: FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft

Vendor: Labring
Product: FastGPT
Weakness: CWE-306 (Missing Authentication for Critical Function)
Published: March 31, 2026
Last update: March 31, 2026

CVSS base score

10.0/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

What the vulnerability does

01 Description

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint (/api/core/app/httpTools/runTool) is exposed without any authentication. The endpoint acts as a full, open HTTP proxy: it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers and body, issues the resulting HTTP request from the server, and returns the complete response to the caller. Because the request originates from the FastGPT server, an unauthenticated caller can reach internal services that are not otherwise exposed (server-side request forgery), which is how the internal API key theft in the title becomes possible. This issue has been patched in version 4.14.9.5.

Key dates

02 Disclosure timeline

March 31, 2026: CVE published
March 31, 2026: Record updated