CVE-2026-40352 | labring FastGPT up to 4.14.9.5 Password Change Endpoint data query logic injection

A vulnerability was found in labring FastGPT up to 4.14.9.5. It has been declared as critical. Affected is an unknown function of the component Password Change Endpoint. Executing a manipulation can lead to improper neutralization of special elements in data query logic.

This vulnerability is handled as CVE-2026-40352. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More