FastGPT is an AI Agent building platform. In 4.14.7 and earlier, FastGPT's Python Sandbox (fastgpt-sandbox) includes guardrails intended to prevent file writes (static detection + seccomp). These guardrails are bypassable by remapping stdout (fd 1) to an arbitrary writable file descriptor using fcntl. After remapping, writing via sys.stdout.write() still satisfies the seccomp rule write(fd==1), enabling arbitrary file creation/overwrite inside the sandbox container despite the intended no file writes restriction.
{
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-184"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32128.json"
}{
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "4.14.7"
}
],
"cpe": "cpe:2.3:a:fastgpt:fastgpt:*:*:*:*:*:*:*:*",
"source": [
"AFFECTED_FIELD",
"CPE_RANGE"
]
}