CVE-2026-50562

Summary

FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged workflow_run jobs in .github/workflows/preview-docs-push.yml and .github/workflows/preview-fastgpt-push.yml, allowing attacker-controlled Docker images from the document/ tree or FastGPT build context to be pushed to GHCR and, for documentation previews, deployed with secrets.KUBE_CONFIG_CN.

Affected Software

VendorProductVersion RangeStatus
labringFastGPT<= 22ebfacbb43311e9b73294040ae0eb87390c6bbaaffected

Weaknesses

  • CWE-266: CWE-266: Incorrect Privilege Assignment
  • CWE-494: CWE-494: Download of Code Without Integrity Check
  • CWE-829: CWE-829: Inclusion of Functionality from Untrusted Control Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References