External risk intelligence

FastGPT login bypass can give attackers admin control over customer data and services.

CVE advisory

Severity: CRITICAL (CVSS 9.8)

CVE-2026-40351

FastGPT has a critical flaw allowing anyone to log in as an administrator without a password, potentially exposing sensitive data and services. Update to version 4.14.9.5 immediately.

Halo Surface Signal: 4

FastGPT

before 4.14.9.5

External exposure likelihood

Halo Surface Signal score for CVE-2026-40351

FastGPT functions as an AI agent building platform with a login interface. As a web-based application, it is commonly deployed as an internet-facing service to facilitate remote access for users. The login endpoint is a standard, internet-accessible component of such platforms, making it reachable from the public internet in typical deployment scenarios.

Horizon Alert

Summary of the vulnerability and why it matters

An unauthenticated attacker can bypass password checks in FastGPT by sending a specially crafted request to the login endpoint. This allows them to log in as any user, including the administrator, potentially compromising the entire system.

  • Unauthorized administrator access.
  • Affects AI agent building platforms.
  • Reachable from the internet.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can bypass authentication on FastGPT by exploiting a NoSQL injection flaw in the password login endpoint. By sending a specially crafted MongoDB query operator as the password, an attacker can log in as any user, including the administrator, gaining full control of the platform.

  • Attacker targets login endpoint.
  • Bypasses password validation.
  • Gains admin access.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability allows unauthenticated attackers to bypass password checks and gain administrative access to FastGPT, a platform for building AI agents. Attackers are likely to exploit this for unauthorized control and data access.

  • NoSQL injection in login endpoint
  • Unauthenticated remote code execution potential
  • Internet-facing web application component

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize patching FastGPT to version 4.14.9.5 immediately to address the critical NoSQL injection vulnerability. If patching is delayed, implement strict network access controls and monitor for suspicious login attempts and unusual database activity.

  • Update FastGPT to 4.14.9.5.
  • Block network access if unpatched.
  • Monitor for authentication anomalies.

Frequently asked questions

What is FastGPT and what is it used for?

FastGPT is a platform designed for building AI agents. It provides tools and functionalities that enable users to create and deploy artificial intelligence agents for various purposes.

What is the vulnerability in FastGPT, and what weakness class does it fall into?

The vulnerability in FastGPT (CVE-2026-40351) is a NoSQL injection flaw. It occurs because the password validation logic in older versions does not verify that the submitted password is a plain string, so a JSON object containing MongoDB query operators is passed into the database query and changes its meaning.

How can an attacker exploit this FastGPT vulnerability?

An unauthenticated attacker can exploit this by sending a specially crafted request to the login endpoint, providing a MongoDB query operator object as the password. This bypasses the intended password check, granting unauthorized access.

Who should be concerned about this FastGPT vulnerability?

Organizations using FastGPT, especially those with internet-facing instances, should be concerned. This is because the vulnerability is reachable from the internet and could be exploited by external attackers.

What is the first step to respond to this FastGPT vulnerability?

The immediate first step is to update FastGPT to version 4.14.9.5 or later, as this version contains the fix for the vulnerability. If immediate patching isn't possible, restrict network access to the affected system.

References