Lucene search
K

25 matches found

NVD
NVD
added yesterday6 views

CVE-2026-61736

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, the server defaults to CORSORIGINS= combined with allowcredentials=True in lightrag/api/lightragserver.py, causing Starlette CORSMiddleware to effectively whitelist every origin for credentialed cross-origin request...

9.3CVSS
Exploits0References6
NVD
NVD
added yesterday5 views

CVE-2026-61740

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, when LightRAG is deployed with LIGHTRAGAPIKEY set but AUTHACCOUNTS unset, X-API-Key protection can be bypassed because lightrag/api/auth.py falls back to a hardcoded DEFAULTTOKENSECRET, /auth-status and /login can...

9.3CVSS
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-61740

LightRAG vulnerability CVE-2026-61740 affects LightRAG prior to v1.5.4. When LIGHTRAG_API_KEY is set but AUTH_ACCOUNTS is unset, authentication protection can be bypassed: lightrag/api/auth.py falls back to a hardcoded DEFAULT_TOKEN_SECRET, /auth-status and /login can mint guest JWTs, and combine...

9.3CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-44671

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, when LightRAG is deployed with LIGHTRAGAPIKEY set but AUTHACCOUNTS unset, X-API-Key protection can be bypassed because lightrag/api/auth.py falls back to a hardcoded DEFAULTTOKENSECRET, /auth-status and /login can...

9.3CVSS6.1AI score
Exploits0References4
Cvelist
Cvelist
added yesterday10 views

CVE-2026-61740 LightRAG: Authentication bypass: hardcoded DEFAULT_TOKEN_SECRET and public /auth-status defeat LIGHTRAG_API_KEY protection

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, when LightRAG is deployed with LIGHTRAGAPIKEY set but AUTHACCOUNTS unset, X-API-Key protection can be bypassed because lightrag/api/auth.py falls back to a hardcoded DEFAULTTOKENSECRET, /auth-status and /login can...

9.3CVSS
Exploits0References4
CVE
CVE
added yesterday6 views

CVE-2026-61736

LightRAG vulnerability CVE-2026-61736 stems from a CORS misconfiguration prior to version 1.5.4: CORS_ORIGINS is set to '*' and allow_credentials=True in lightrag/api/lightrag_server.py, causing Starlette CORSMiddleware to effectively whitelist all origins for credentialed cross-origin requests. ...

9.3CVSS6.1AI score
Exploits0References6
Cvelist
Cvelist
added yesterday11 views

CVE-2026-61736 LightRAG: CORS Wildcard + Credentials Enables Any-Origin Credentialed Requests

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, the server defaults to CORSORIGINS= combined with allowcredentials=True in lightrag/api/lightragserver.py, causing Starlette CORSMiddleware to effectively whitelist every origin for credentialed cross-origin request...

9.3CVSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/22 7:22 p.m.7 views

CVE-2026-39413

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none'...

6.5CVSS5.7AI score0.00154EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/08 7:41 p.m.25 views

CVE-2026-39413 LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none'...

4.2CVSS0.00154EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/08 7:41 p.m.2 views

CVE-2026-39413 LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none'...

4.2CVSS5.9AI score0.00154EPSS
Exploits1References1
CVE
CVE
added 2026/04/08 7:41 p.m.32 views

CVE-2026-39413

LightRAG is vulnerable to a JWT algorithm confusion attack in versions prior to 1.4.14 of its API. An attacker can forge tokens with alg: none in the JWT header because jwt.decode() does not explicitly disallow none, allowing another party to access protected resources without a valid signature. ...

6.5CVSS5.9AI score0.00154EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/04/08 7:41 p.m.3 views

CVE-2026-39413 LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none'...

4.2CVSS5.9AI score0.00154EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

LightRAG 数据伪造问题漏洞

LightRAG is an open-source retrieval-enhanced generation application developed by the Data Intelligence Laboratory at the Hong Kong University HKU. Versions of LightRAG prior to 1.4.14 contained a data manipulation vulnerability caused by JWT algorithm exploitation attacks. This vulnerability...

6.5CVSS5.7AI score0.00154EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.13 views

PT-2026-31285

Name of the Vulnerable Software and Affected Versions LightRAG versions prior to 1.4.14 Description The LightRAG API is susceptible to a JWT algorithm confusion attack. An attacker can forge tokens by setting 'alg': 'none' in the JWT header. The jwt.decode function does not explicitly disallow th...

6.5CVSS6.1AI score0.00154EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-19421

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.0017EPSS
Exploits0References7
Veracode
Veracode
added 2025/07/01 6:19 a.m.7 views

Path Traversal

lightrag-hku is vulnerable to Path Traversal. The vulnerability is due to improper validation of user-supplied filenames due to unsanitized input in the file.filename parameter in the uploadtoinputdir function, allowing an attacker to write files to arbitrary locations on the server...

5.3CVSS5.2AI score0.0017EPSS
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/29 7:7 p.m.17 views

CVE-2025-6773

A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...

5.3CVSS7.2AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2025/06/27 9:30 p.m.4 views

GHSA-V9W6-9HQ9-33CH HKUDS LightRAG allows Path Traversal via function upload_to_input_dir

A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...

5.3CVSS7AI score0.0017EPSS
Exploits0References8
NVD
NVD
added 2025/06/27 7:15 p.m.27 views

CVE-2025-6773

A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...

5.3CVSS0.0017EPSS
Exploits0References6
OSV
OSV
added 2025/06/27 7:0 p.m.5 views

CVE-2025-6773 HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal

A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...

4.8CVSS5.5AI score0.0017EPSS
Exploits0References8
Rows per page
Query Builder