Platform
nodejs
Component
fastgpt
Fixed in
4.14.11
CVE-2026-40252 describes a Broken Access Control (IDOR/BOLA) vulnerability affecting FastGPT, an AI Agent building platform. This flaw allows authenticated team members to access and execute applications belonging to other teams, potentially exposing sensitive data and disrupting operations. The vulnerability impacts versions 0.0.0 up to and including 4.14.10.3, and a fix is available in version 4.14.10.4.
The core impact of CVE-2026-40252 lies in cross-tenant data exposure and unauthorized execution of private AI workflows. Any authenticated team member, using nothing more than their own valid credentials, could leverage this IDOR to reach applications and data belonging to other teams on the same FastGPT platform. This could lead to the theft of sensitive information, unauthorized execution or tampering with other teams' AI workflows, or disruption of critical business processes. The blast radius extends to all teams sharing the same FastGPT instance, since the missing check is on the server side and every authenticated user could exploit it to reach resources outside their designated scope. This follows the usual IDOR pattern: the request is authenticated, but the object it references (here, an application ID) is not checked against the caller's tenant, so changing one parameter is enough to bypass access control.
CVE-2026-40252 was publicly disclosed on 2026-04-10. There is currently no indication of active exploitation or a KEV listing. Public proof-of-concept code is not yet available, but the vulnerability's nature (IDOR) means exploitation would require little more than an authenticated session and another team's application ID. The EPSS score at the time of writing is 0.06% (20th percentile).
Exploit Status
EPSS
0.06% (20th percentile)
CISA SSVC
The primary mitigation for CVE-2026-40252 is to immediately upgrade FastGPT to version 4.14.10.4 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider implementing temporary workarounds. While a direct WAF rule is unlikely to be effective without specific application logic awareness, carefully review API access control policies and ensure that team tokens are rigorously validated against the requested application ID. Implement stricter authentication and authorization checks within the application code to prevent unauthorized access. After upgrading, confirm the fix by attempting to access an application belonging to a different team using a valid team token; access should be denied.
Update FastGPT to version 4.14.10.4 or higher to mitigate the broken access control vulnerability. This update corrects the lack of verification of application membership to the authenticated team, preventing unauthorized access to private applications and AI workflows.
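To make the defect and its fix concrete, the following is an added illustration written for this page; it is not FastGPT's code and the names (`loadAppVulnerable`, `loadAppHardened`, `AuthContext`, the sample apps and team IDs) are hypothetical. It models the pattern the advisory describes: the vulnerable lookup fetches an application by ID alone, while the hardened lookup scopes the query by the team recovered from the caller's validated token. The `crossTeamAccessIsBlocked` function reproduces the post-upgrade check suggested above (a valid team token requesting another team's application) and returns true only when the hardened path denies it.

```typescript
// Added illustration (not FastGPT's code): a minimal model of the IDOR
// described on this page. An "app" belongs to exactly one team; a request
// carries the caller's team id (as a validated team token would) and the
// requested app id. The vulnerable lookup trusts the app id alone; the
// hardened lookup scopes the query by the authenticated team.

type TeamId = string;
type AppId = string;

interface App {
  id: AppId;
  teamId: TeamId;
  name: string;
  workflow: string; // stands in for the private AI workflow definition
}

// Constructed sample data: two teams sharing one instance.
const apps: App[] = [
  { id: "app-0001", teamId: "team-alpha", name: "Alpha support bot", workflow: "alpha-private-workflow" },
  { id: "app-0002", teamId: "team-beta", name: "Beta sales agent", workflow: "beta-private-workflow" },
];

class AuthorizationError extends Error {}

// Authenticated context reconstructed from a validated team token.
// Hypothetical shape; the real token format is not described on the page.
interface AuthContext {
  teamId: TeamId;
  tmbId: string; // team member id
}

// Vulnerable pattern: the app is fetched by id only, so any authenticated
// member of any team can read and run any app on the instance.
function loadAppVulnerable(_auth: AuthContext, appId: AppId): App {
  const app = apps.find((a) => a.id === appId);
  if (!app) throw new Error("app not found");
  return app; // no check that app.teamId === _auth.teamId
}

// Hardened pattern: the app is looked up within the caller's team. A
// foreign app id is indistinguishable from a nonexistent one, which also
// avoids confirming to the caller that the id exists.
function loadAppHardened(auth: AuthContext, appId: AppId): App {
  const app = apps.find((a) => a.id === appId && a.teamId === auth.teamId);
  if (!app) throw new AuthorizationError("app not found in this team");
  return app;
}

// Simulated "run" endpoint built on either loader. Returns the workflow
// that would be executed, or null when access is denied.
function runApp(
  loader: (auth: AuthContext, appId: AppId) => App,
  auth: AuthContext,
  appId: AppId,
): string | null {
  try {
    return loader(auth, appId).workflow;
  } catch (e) {
    if (e instanceof AuthorizationError) return null;
    throw e;
  }
}

// The post-upgrade check from the mitigation text: a valid token from
// team-beta requests team-alpha's app. True when the vulnerable path would
// have served it and the hardened path denies it.
function crossTeamAccessIsBlocked(): boolean {
  const betaMember: AuthContext = { teamId: "team-beta", tmbId: "tmb-42" };
  const leaked = runApp(loadAppVulnerable, betaMember, "app-0001");
  const denied = runApp(loadAppHardened, betaMember, "app-0001");
  return leaked === "alpha-private-workflow" && denied === null;
}

console.log("cross-team access blocked by hardened lookup:", crossTeamAccessIsBlocked());
```

The important design point is where the tenant check lives: it is part of the lookup itself (`appId` and `teamId` together), not a comparison bolted on after an unscoped fetch that a later code path might forget. The same scoped-lookup rule applies to every other object type a team token can reference, not only applications.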
CVE-2026-40252 is a Broken Access Control (IDOR) vulnerability in FastGPT versions 0.0.0 through 4.14.10.3, allowing unauthorized access to other teams' applications.
If you are using FastGPT versions 0.0.0 through 4.14.10.3, you are potentially affected by this vulnerability. Assess your environment and upgrade as soon as possible.
Upgrade FastGPT to version 4.14.10.4 or later to remediate the vulnerability. Implement temporary access control policies if immediate upgrade is not possible.
There is currently no evidence of active exploitation, but the vulnerability's nature suggests it could be easily exploited once a proof-of-concept is available.
Refer to the FastGPT official security advisories and release notes for detailed information and updates regarding CVE-2026-40252.