FastGPT 4.14.7 and earlier allows arbitrary file creation/overwrites

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.3

FastGPT 4.14.7 and earlier allows arbitrary file creation/overwrites

CVE-2026-32128

Summary

FastGPT's Python Sandbox's security restrictions can be bypassed, allowing files to be created or overwritten inside the sandbox. This could be a concern for users who rely on the sandbox to protect sensitive data. Update to a version of FastGPT 4.14.8 or later to fix this issue.

Original title

Original description

FastGPT is an AI Agent building platform. In 4.14.7 and earlier, FastGPT's Python Sandbox (fastgpt-sandbox) includes guardrails intended to prevent file writes (static detection + seccomp). These guardrails are bypassable by remapping stdout (fd 1) to an arbitrary writable file descriptor using fcntl. After remapping, writing via sys.stdout.write() still satisfies the seccomp rule write(fd==1), enabling arbitrary file creation/overwrite inside the sandbox container despite the intended no file writes restriction.

nvd CVSS3.1 6.3

Vulnerability type

CWE-184

https://github.com/labring/FastGPT/security/advisories/GHSA-6hw6-mxrm-v6wj

Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026