216.73.217.64

CVE-2025-62612

· Published 22/10/2025 21:15 · Modified 22/10/2025 21:15

Labels: CVE-2025-62612 2025-10-22CVE-2025-62612CWE-918[email protected]

Essential information

Published
22/10/2025 21:15
Modified
22/10/2025 21:15
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

FastGPT is an AI Agent building platform. Prior to version 4.11.1, in the workflow file reading node, the network link is not security-verified, posing a risk of SSRF attacks. This issue has been patched in version 4.11.1.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
fastgpt / fastgpt cpe:2.3:a:fastgpt:fastgpt:<4.11.1:*:*:*:*:*:*:*

References