Vulnerabilities in labring
26 resultsCVE-2026-26003MEDIUMFastGPT Plugin forwarding request is not authenticated, posing a serious risk of attackEPSS 0.2%CVE-2026-44286LOWFastGPT: SSRF Vulnerability in Laf Workflow Node via Missing Internal Address ValidationEPSS 0.2%CVE-2025-62612MEDIUMFastGPT File Reading Node SSRF VulnerabilityEPSS 0.2%CVE-2026-42345HIGHFastGPT: Cloud metadata endpoint SSRF protection bypass via port specification, IPv6 mapping, hex/decimal IP encoding, and trailing dotEPSS 0.2%CVE-2026-42344MEDIUMFastGPT: DNS rebinding TOCTOU bypass in isInternalAddress allows SSRF on all protected endpointsEPSS 0.1%CVE-2026-26075MEDIUMCross-Site Request Forgery (CSRF) in FastGPTEPSS 0.1%