CVE-2026-30350
Denial of Service in Agent Protocol /store/items/search Endpoint
Publication date: 2026-04-27
Last updated on: 2026-04-27
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aegra | aegra | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not include any details about the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2026-30350 is a Denial of Service (DoS) vulnerability in the Aegra Agent Protocol server, specifically in the /store/items/search endpoint.
The issue arises from improper handling of JSONB value types during the decoding process in the Store API and LangGraph Postgres store integration, particularly in the store search path and row decoding.
When a crafted POST request containing malformed or unexpected JSONB data is sent, it triggers an uncaught exception or an orjson decode/type error, causing the server to crash or become unresponsive, resulting in a persistent DoS condition.
This vulnerability affects the codebase at commit e9a89f8ad8cd61dbd575bb325a888ffe41b53954 and is exploitable remotely.
How can this vulnerability impact me?
This vulnerability can cause a Denial of Service (DoS) condition on the Aegra Agent Protocol server by crashing or making the server unresponsive.
An attacker can exploit this remotely by sending a specially crafted POST request to the /store/items/search endpoint, which can disrupt normal service availability.
As a result, legitimate users may be unable to access the affected service, leading to potential downtime and loss of functionality.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes or unresponsiveness of the Aegra Agent Protocol server when it receives POST requests to the /store/items/search endpoint.
Specifically, sending crafted POST requests with malformed or unexpected JSONB data to the /store/items/search endpoint can trigger the vulnerability, causing the server to crash or become unresponsive.
To detect this on your system, you can use tools like curl or HTTP clients to simulate such requests and observe server behavior.
Example command to test the endpoint with a crafted POST request using curl:

```shell
curl -X POST http://<server_address>/store/items/search -H "Content-Type: application/json" -d '{"malformed_jsonb_field": "\x00\x01\x02"}'
```
Monitoring server logs for orjson decode/type errors or uncaught exceptions related to JSONB decoding can also help detect attempts to exploit this vulnerability.
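The log-monitoring suggestion above can be automated. The following is an added example, not code from Aegra or this advisory: it scans application log lines for decode/type errors raised on the /store/items/search path and reports sources that trip the error repeatedly. The log format (timestamp, level, source address, request line, status, optional exception text) and the sample lines are constructed for the example; adapt the regular expression to your server's actual log layout.

```python
"""Added detection helper (not Aegra's code): flag JSON decode/type errors on
/store/items/search and count them per source address."""
import re
from collections import Counter

# Constructed sample log lines in an assumed "ts level src "METHOD path" status [error]" layout.
SAMPLE_LOG = """\
2026-04-27T10:00:01Z INFO 10.0.0.5 "POST /store/items/search" 200
2026-04-27T10:00:02Z INFO 10.0.0.5 "POST /store/items/search" 200
2026-04-27T10:00:03Z ERROR 203.0.113.7 "POST /store/items/search" 500 orjson.JSONDecodeError: unexpected character: line 1 column 2 (char 1)
2026-04-27T10:00:04Z ERROR 203.0.113.7 "POST /store/items/search" 500 TypeError: Type is not JSON serializable: bytes
2026-04-27T10:00:05Z ERROR 203.0.113.7 "POST /store/items/search" 500 orjson.JSONDecodeError: unexpected character: line 1 column 2 (char 1)
2026-04-27T10:00:06Z INFO 198.51.100.2 "POST /runs" 200
2026-04-27T10:00:07Z ERROR 198.51.100.2 "POST /store/items/search" 500 orjson.JSONDecodeError: Input is a zero-length, empty document
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+)\s+(?P<level>\w+)\s+(?P<src>\S+)\s+'
    r'"(?P<method>\w+)\s+(?P<path>\S+)"\s+(?P<status>\d{3})(?:\s+(?P<err>.*))?$'
)
# Exception prefixes the advisory names (orjson decode errors, type errors).
ERROR_SIGNATURES = ("orjson.JSONDecodeError", "JSONDecodeError", "TypeError")
TARGET_PATH = "/store/items/search"


def parse_line(line):
    """Return the named fields of one log line, or None if it does not match the layout."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def find_decode_errors(log_text):
    """Return the records where the search endpoint raised a decode/type error."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["path"] != TARGET_PATH or not rec["err"]:
            continue
        if rec["err"].startswith(ERROR_SIGNATURES):
            hits.append(rec)
    return hits


def sources_over_threshold(log_text, threshold=2):
    """Map source address -> error count for sources at or above the threshold."""
    counts = Counter(h["src"] for h in find_decode_errors(log_text))
    return {src: n for src, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for src, n in sources_over_threshold(SAMPLE_LOG).items():
        print(f"{src}: {n} decode/type errors on {TARGET_PATH}")
```

A single decode error is ordinary client noise; the per-source count is what separates a broken client from someone probing the endpoint, and it is also the number worth alerting on once the server has been patched, since any remaining 500 on this path means the fix did not cover a case.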
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the /store/items/search endpoint to trusted users or networks to prevent unauthorized crafted POST requests.
Implement input validation and sanitization on the server side to reject malformed or unexpected JSONB data before processing.
Monitor server logs for signs of exploitation attempts and restart the server if it becomes unresponsive due to this vulnerability.
Check for and apply any patches or updates provided by the vendor (Aegra) that address this issue.
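The validation step above amounts to two things: decode the request body under a handler that maps decoder failures to a 400 response, and decode JSONB row values without assuming the driver hands back one particular Python type. The block below is an added example written for this advisory, not Aegra's or LangGraph's code. It assumes the search body uses the fields namespace_prefix, filter, limit, offset and query, and that row values may arrive as str, bytes, dict, list or None depending on driver settings; orjson is used when installed and the standard json module otherwise, since both raise a ValueError subclass on bad input.

```python
"""Added hardening example (not Aegra's code): decode request bodies and JSONB
row values so that malformed input yields a 400 or a dropped row, never an
uncaught exception."""
try:
    import orjson  # the stack described in the advisory uses orjson
    _loads = orjson.loads
except ImportError:  # fall back to the standard library for this example
    import json
    _loads = json.loads

MAX_LIMIT = 100  # assumed cap; a bound keeps a single request from scanning the whole store


class BadRequest(ValueError):
    """Client error; the HTTP layer turns it into a 400 response."""


def decode_body(raw):
    """Decode a request body, converting any decoder failure into BadRequest."""
    if not isinstance(raw, (bytes, bytearray, str)):
        raise BadRequest("body must be bytes or str")
    try:
        body = _loads(raw)
    except (ValueError, TypeError) as exc:  # orjson.JSONDecodeError is a ValueError
        raise BadRequest(f"invalid JSON: {exc}") from None
    if not isinstance(body, dict):
        raise BadRequest("body must be a JSON object")
    return body


def validate_search_request(body):
    """Type-check every field of the (assumed) search schema before it reaches the store."""
    ns = body.get("namespace_prefix", [])
    if not isinstance(ns, list) or not all(isinstance(p, str) for p in ns):
        raise BadRequest("namespace_prefix must be a list of strings")
    flt = body.get("filter")
    if flt is not None and not isinstance(flt, dict):
        raise BadRequest("filter must be an object")
    limit = body.get("limit", 10)
    offset = body.get("offset", 0)
    for name, val in (("limit", limit), ("offset", offset)):
        # bool is an int subclass in Python, so reject it explicitly
        if isinstance(val, bool) or not isinstance(val, int) or val < 0:
            raise BadRequest(f"{name} must be a non-negative integer")
    if limit > MAX_LIMIT:
        raise BadRequest(f"limit must be <= {MAX_LIMIT}")
    query = body.get("query")
    if query is not None and not isinstance(query, str):
        raise BadRequest("query must be a string")
    return {"namespace_prefix": ns, "filter": flt or {}, "limit": limit,
            "offset": offset, "query": query}


def decode_jsonb_value(value):
    """Accept every shape a JSONB column may come back as; a corrupt row is dropped, not fatal."""
    if value is None or isinstance(value, (dict, list)):
        return value  # driver already decoded it
    if isinstance(value, (bytearray, memoryview)):
        value = bytes(value)
    if isinstance(value, (str, bytes)):
        try:
            return _loads(value)
        except (ValueError, TypeError):
            return None
    return None  # unexpected driver type


def handle_search(raw_body, rows):
    """Route-handler shape: returns (status, payload) instead of raising."""
    try:
        req = validate_search_request(decode_body(raw_body))
    except BadRequest as exc:
        return 400, {"error": str(exc)}
    items = [v for v in (decode_jsonb_value(r) for r in rows) if v is not None]
    return 200, {"items": items[req["offset"]:req["offset"] + req["limit"]]}


if __name__ == "__main__":
    # The advisory's curl payload contains "\x00", which is not a valid JSON escape.
    print(handle_search(rb'{"malformed_jsonb_field": "\x00\x01\x02"}', []))
    print(handle_search(b'{"namespace_prefix": ["a"], "limit": 2}',
                        ['{"k": 1}', b'{"k": 2}', {"k": 3}, "not json", None]))
```

Rejecting the body before the store is touched is the cheap half; the row decoder is the part that matters for persistence, because a single bad row that keeps crashing every search is what turns one malformed request into a lasting outage. Both halves are ordinary defensive coding and can stand in until the vendor fix at the commit referenced above is deployed.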