PT-2026-44980 · Fastgpt · Fastgpt
Bentamam · Published 2026-05-29 · Updated 2026-06-08
CVE-2026-44287
CVSS v3.1: 6.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions
FastGPT versions prior to 4.15.0-beta1
Description
The JavaScript sandbox worker fails to properly block dynamic import() calls due to an insufficient regular expression. The regex /\bimport\s*\(/.test(code) only accounts for ASCII whitespace and does not detect block comments placed between the import keyword and the opening parenthesis. An attacker can use a payload such as import/**/("child_process") to bypass this check. Since import() is not wrapped by the safeRequire Proxy, which only handles require calls, this allows the loading of the child_process module and the execution of execSync(), leading to arbitrary command execution as uid=100(sandbox) within the sandbox container.
Recommendations
Update to version 4.15.0-beta1.
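As an added example (not FastGPT's code and not its actual fix), the following regression check runs the regex quoted in the description next to a comment-aware scan over constructed inputs. The names findDynamicImport, TRIVIA, SAMPLES and compare are hypothetical; the scan skips whitespace, block comments and line comments after the import keyword and does not track string literals.

```javascript
// Added example, not FastGPT code. WEAK_IMPORT_RE is the check quoted in the
// advisory; findDynamicImport is a hypothetical comment-aware replacement.
const WEAK_IMPORT_RE = /\bimport\s*\(/;

// Trivia the JavaScript lexer skips between tokens: whitespace,
// /* block */ comments and // line comments. Sticky: matches only at lastIndex.
const TRIVIA = /(?:\s+|\/\*[\s\S]*?\*\/|\/\/[^\n\r\u2028\u2029]*)*/y;

// Return the offset of the first `import` keyword whose next token is "(",
// or -1. Strings are not tracked, so the scan fails closed: text that only
// mentions the pattern is reported as well.
function findDynamicImport(code) {
  const keyword = /(?<![\w$])import(?![\w$])/g;
  let m;
  while ((m = keyword.exec(code)) !== null) {
    TRIVIA.lastIndex = keyword.lastIndex;
    TRIVIA.exec(code); // always matches, possibly the empty string
    if (code[TRIVIA.lastIndex] === "(") return m.index;
  }
  return -1;
}

// Constructed samples: [source text, contains a dynamic import() call?]
const SAMPLES = [
  ['import("child_process")', true],
  ['import/**/("child_process")', true], // payload quoted in the advisory
  ['import /* a */\n /* b */ ("child_process")', true],
  ["const important = 1; reimport(2);", false],
  ["return data.imports.length;", false],
];

// Run both checks over the samples and report where the weak regex is wrong.
function compare(samples) {
  return samples.map(([code, expected]) => {
    const weak = WEAK_IMPORT_RE.test(code);
    const scan = findDynamicImport(code) !== -1;
    return { code, expected, weak, scan, weakMissed: expected && !weak };
  });
}

console.table(compare(SAMPLES));
```

A source-text denylist of this kind stays incomplete by nature, so use the scan as a regression test for the filter and rely on the patched release for enforcement.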
Exploit
Fix
Code Injection
Incomplete List of Disallowed Inputs
Affected Products
Fastgpt