Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-49131

Good to know:

icon

Date: June 9, 2025

FastGPT is an open-source project that provides a platform for building, deploying, and operating AI-driven workflows and conversational agents. The Sandbox container (fastgpt-sandbox) is a specialized, isolated environment used by FastGPT to safely execute user-submitted or dynamically generated code in isolation. The sandbox before version 4.9.11 has insufficient isolation and inadequate restrictions on code execution by allowing overly permissive syscalls, which allows attackers to escape the intended sandbox boundaries. Attackers could exploit this to read and overwrite arbitrary files and bypass Python module import restrictions. This is patched in version 4.9.11 by restricting the allowed system calls to a safer subset and additional descriptive error messaging.

Severity Score

Related Resources (7)

https://github.com/labring/FastGPT/pull/4958
https://github.com/labring/FastGPT/security/advisories/GHSA-f3pf-r3g7-g895
https://github.com/labring/FastGPT/pkgs/container/fastgpt-sandbox
https://nvd.nist.gov/vuln/detail/CVE-2025-49131
https://github.com/labring/FastGPT/releases/tag/v4.9.11
https://github.com/labring/FastGPT/commit/bb810a43a1c70683fab7f5fe993771e930a94426
https://www.mend.io/vulnerability-database/CVE-2025-49131

Severity Score

Weakness Type (CWE)

Incorrect Permission Assignment for Critical Resource

CWE-732

Top Fix

icon

Upgrade Version

Upgrade to version https://github.com/labring/FastGPT.git - v4.9.11

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): LOW

Do you need more information?

Contact Us