CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-55418

highCVSS 8.6covered by 1 sourcefirst seen 2026-07-07
FastGPT is an open source AI knowledge base platform. Prior to v4.15.0-beta5, two FastGPT file handlers authorize an unrelated resource and then sign or read an S3 object using a key taken directly from the request, without checking that the key belongs to the caller's team. Because S3 object keys are global within the bucket and carry the tenant id only as a path segment, an attacker can supply another team's key and obtain its file contents through the chat-file presign endpoint or dataset preview endpoint. This issue is fixed in version v4.15.0-beta5.

⚡ Watch CVE-2026-55418

Get an email if CVE-2026-55418 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-55418

CVE.org record

Embed the live status

CVE-2026-55418 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-55418 status](https://www.csirts.com/badge/CVE-2026-55418)](https://www.csirts.com/cve/CVE-2026-55418)