CVE-2026-0650
Authentication Bypass in OpenFlagr HTTP Middleware Enables Unauthorized Access
Publication date: 2026-01-07
Last updated on: 2026-01-07
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openflagr | flagr | to 1.1.18 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-425 | The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an authentication bypass in OpenFlagr versions up to 1.1.18. It occurs because the HTTP middleware improperly handles path normalization in the whitelist logic, allowing crafted requests to bypass authentication and access protected API endpoints without valid credentials.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthorized access to protected API endpoints, enabling attackers to modify feature flags and export sensitive data. Such unauthorized data access and modification can lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls on access to sensitive information and maintaining data integrity and confidentiality. Therefore, exploitation of this vulnerability could result in non-compliance with these common standards and regulations. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crafted HTTP requests that exploit path traversal sequences to bypass authentication, such as requests containing paths like '/api/v1/health/../export/sqlite'. Network or application logs should be inspected for such suspicious requests. Specific commands are not provided in the resources, but using tools like curl or HTTP request interceptors to test access to protected API endpoints with crafted paths can help detect the issue. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade OpenFlagr to version 1.1.19 or later, where this authentication bypass vulnerability has been fixed. Until the upgrade can be applied, restrict access to the affected API endpoints via network controls or firewall rules to prevent unauthorized access. [1, 3]
How can this vulnerability impact me? :
The vulnerability can allow unauthorized users to access protected API endpoints, potentially modifying feature flags and exporting sensitive data, which could lead to security breaches and data exposure.