{"vulnerability": "CVE-2026-42302", "sightings": [{"uuid": "180edde4-00b1-4121-a3a7-ff3b9f068508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42302", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mleuuesn3g2q", "content": "\ud83d\udd34 CVE-2026-42302 - Critical (9.8)\n\nFastGPT is an AI Agent building platform. From version 4.14.10 to before version 4.14.13, the age...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42302/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-08T23:25:01.533436Z"}, {"uuid": "2ac67c88-8ab9-4158-a368-0cd0eca228cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42302", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlf24tccw72t", "content": "CVE-2026-42302 - FastGPT: Unauthenticated Remote Code Execution (RCE) via code-server Misconfiguration in agent-sandbox\nCVE ID : CVE-2026-42302\n \n Published : May 8, 2026, 11:16 p.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : FastGPT is an AI Agent building platform. From versio...", "creation_timestamp": "2026-05-09T00:59:13.625510Z"}, {"uuid": "51cc582d-0d8d-4e9b-8ef3-6a2894ff682a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42302", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116542736159072291", "content": "\ud83d\udea8 CRITICAL FastGPT vuln (CVE-2026-42302): v4.14.10-4.14.12 agent-sandbox allows unauth RCE via port 8080 (CWE-306). Patch in v4.14.13. Restrict access & upgrade now! https://radar.offseq.com/threat/cve-2026-42302-cwe-306-missing-authentication-for--1386c543 #OffSeq #FastGPT #infosec #RCE", "creation_timestamp": "2026-05-09T04:30:30.413260Z"}, {"uuid": "9dab2db9-6070-4a24-9f95-a56d2ff6445c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42302", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlffwmj2dc23", "content": "FastGPT CRITICAL vuln: v4.14.10-4.14.12 agent-sandbox allows unauth RCE on port 8080. Upgrade to 4.14.13+ or restrict network access now. \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-42302-cwe-306-missing-authentication-for--1386c543 #OffSeq #FastGPT #RCE", "creation_timestamp": "2026-05-09T04:30:30.577187Z"}]}