{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40351", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-10T22:50:01.359Z", "datePublished": "2026-04-17T21:05:05.911Z", "dateUpdated": "2026-04-20T14:57:15.664Z"}, "containers": {"cna": {"title": "FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-943", "lang": "en", "description": "CWE-943: Improper Neutralization of Special Elements in Data Query Logic", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/labring/FastGPT/security/advisories/GHSA-x8mx-2mr7-h9xg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/labring/FastGPT/security/advisories/GHSA-x8mx-2mr7-h9xg"}, {"name": "https://github.com/labring/FastGPT/commit/bd966d479fbe414d02679cf79f9eaaab3d100a2d", "tags": ["x_refsource_MISC"], "url": "https://github.com/labring/FastGPT/commit/bd966d479fbe414d02679cf79f9eaaab3d100a2d"}, {"name": "https://github.com/labring/FastGPT/releases/tag/v4.14.9.5", "tags": ["x_refsource_MISC"], "url": "https://github.com/labring/FastGPT/releases/tag/v4.14.9.5"}], "affected": [{"vendor": "labring", "product": "FastGPT", "versions": [{"version": "< 4.14.9.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-17T21:05:05.911Z"}, "descriptions": [{"lang": "en", "value": "FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {\"$ne\": \"\"}) as the password field. This NoSQL injection bypasses the password check, enabling login as any user including the root administrator. This issue has been fixed in version 4.14.9.5."}], "source": {"advisory": "GHSA-x8mx-2mr7-h9xg", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-20T14:47:36.369173Z", "id": "CVE-2026-40351", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T14:57:15.664Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40351", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-20T14:47:36.369173Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T14:47:37.630Z"}}], "cna": {"title": "FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass", "source": {"advisory": "GHSA-x8mx-2mr7-h9xg", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "labring", "product": "FastGPT", "versions": [{"status": "affected", "version": "< 4.14.9.5"}]}], "references": [{"url": "https://github.com/labring/FastGPT/security/advisories/GHSA-x8mx-2mr7-h9xg", "name": "https://github.com/labring/FastGPT/security/advisories/GHSA-x8mx-2mr7-h9xg", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/labring/FastGPT/commit/bd966d479fbe414d02679cf79f9eaaab3d100a2d", "name": "https://github.com/labring/FastGPT/commit/bd966d479fbe414d02679cf79f9eaaab3d100a2d", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/labring/FastGPT/releases/tag/v4.14.9.5", "name": "https://github.com/labring/FastGPT/releases/tag/v4.14.9.5", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {\"$ne\": \"\"}) as the password field. This NoSQL injection bypasses the password check, enabling login as any user including the root administrator. This issue has been fixed in version 4.14.9.5."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-943", "description": "CWE-943: Improper Neutralization of Special Elements in Data Query Logic"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-17T21:05:05.911Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40351", "state": "PUBLISHED", "dateUpdated": "2026-04-20T14:57:15.664Z", "dateReserved": "2026-04-10T22:50:01.359Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-17T21:05:05.911Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fastgpt:fastgpt:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE20269A-5497-4727-B3DD-3EDC1E1F234E", "versionEndExcluding": "4.14.9.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {\"$ne\": \"\"}) as the password field. This NoSQL injection bypasses the password check, enabling login as any user including the root administrator. This issue has been fixed in version 4.14.9.5."}], "id": "CVE-2026-40351", "lastModified": "2026-04-27T19:39:32.913", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-17T22:16:32.793", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/labring/FastGPT/commit/bd966d479fbe414d02679cf79f9eaaab3d100a2d"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/labring/FastGPT/releases/tag/v4.14.9.5"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/labring/FastGPT/security/advisories/GHSA-x8mx-2mr7-h9xg"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-943"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.14.9.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "FastGPT", "source": "cna", "vendor": "labring"}, "product": "fastgpt", "vendor": "labring"}], "analysis": {"en": {"generated_at": "2026-04-18T08:56:11.131461+00:00", "value": {"mitigation_remediation": ["Upgrade FastGPT to version 4.14.9.5 or later, which includes the fix for the NoSQL injection flaw.", "Restrict network access to the authentication endpoint, for example by using a firewall or VPN, to limit exposure to trusted hosts.", "Implement strict server\u2011side validation of password inputs to reject any MongoDB query operators or non\u2011alphanumeric characters."], "summary": {"action": "Immediate Patch", "impact": "Authentication Bypass"}, "threat_synthesis": {"affected_systems": "The FastGPT AI Agent building platform is affected in all releases prior to v4.14.9.5. Versions v4.14.9.5 and later contain the fix.", "description_and_impact": "FastGPT uses type assertions instead of runtime checks on the loginByPassword endpoint. An unauthenticated attacker can submit a MongoDB query operator object as the password, which the underlying database interprets and therefore bypasses the password check. This allows login as any user, including the root administrator, giving full control over the system without credentials.", "risk_and_exploitability": "The CVSS score of 9.8 classifies this as a critical severity vulnerability. The EPSS score is not available, and the issue is not listed in the CISA KEV catalog. The vulnerability is exploitable through the publicly exposed login endpoint without needing any prior authentication. An attacker can simply construct a carefully crafted request to inject the query operator and obtain privileged access."}}}}, "created": "2026-04-17T22:30:29.500976+00:00", "updated": "2026-04-18T09:00:05.900989+00:00", "vendors": ["labring", "labring$PRODUCT$fastgpt"]}