0Gur1

**Name of the Vulnerable Software and Affected Versions** FastGPT versions prior to 4.11.1 **Description** FastGPT is a platform for building AI Agents. Versions of FastGPT before 4.11.1 contain a Server-Side Request Forgery (SSRF) issue in the workflow file reading node. The system does not verify the security of network links, which could allow for SSRF attacks. **Recommendations** Update to version 4.11.1 or later.

**Name of the Vulnerable Software and Affected Versions** LightGBM (affected versions not specified) **Description** The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Langchain version 0.0.171 **Description** The issue concerns arbitrary code execution in the `load prompt` function. This allows for potentially malicious code to be executed, posing a significant risk. **Recommendations** For Langchain version 0.0.171, consider disabling the `load prompt` function until a patch is available to prevent arbitrary code execution.