CVE-2026-7021
Received Received - Intake
Information Disclosure via baseURL Manipulation in SmythOS Connector Service

Publication date: 2026-04-26

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-26
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7021
EUVD
EUVD-2026-25696
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
smythos sdk to 0.0.15 (inc)
smythos sre to 0.0.15 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The CVE-2026-7021 vulnerability is a credential exposure issue in the @smythos/sdk package caused by an insecure fallback mechanism for Vault credentials.

Specifically, in the SDK's adaptModelParams function, if a user initializes an LLM interaction without explicitly providing credentials or an apiKey, the function defaults the credentials array to ['vault'] silently.

This causes the connector service to retrieve system-level Vault API keys from a JSON file (~/.smyth/vault.json) without any origin or destination trust checks.

An attacker can exploit this by initializing the SDK with a malicious baseURL and no apiKey, causing the SDK to send the system's global Vault token (such as OpenAI or Anthropic API keys) to the attacker’s server, effectively leaking sensitive credentials.

Impact Analysis

This vulnerability allows unauthorized actors to steal global Vault API keys in environments that permit dynamic model configurations with custom baseURL settings.

The leaked credentials can lead to significant financial losses due to unauthorized usage of LLM services.

Additionally, it may enable further internal compromise if other sensitive credentials are stored in the Vault.

Detection Guidance

This vulnerability can be detected by monitoring network traffic for unauthorized outbound requests containing Vault API keys or other sensitive credentials sent to unknown or attacker-controlled URLs.

Specifically, look for requests from the SmythOS SDK or Connector Service that include Authorization headers with Vault tokens being sent to suspicious baseURLs.

A proof-of-concept involves an attacker-controlled Express server listening on port 9876 capturing these tokens.

  • Use network monitoring tools like tcpdump or Wireshark to capture outgoing HTTP requests from your system and filter for Authorization headers.
  • Example tcpdump command to capture HTTP traffic on port 80 or 443: sudo tcpdump -i any -A 'tcp port 80 or tcp port 443'
  • Use grep or similar tools to search logs or captured traffic for suspicious baseURLs or Authorization headers containing Vault tokens.
  • Check the presence of the file ~/.smyth/vault.json on systems running SmythOS SDK to verify if Vault credentials are stored locally.
Mitigation Strategies

The immediate mitigation step is to upgrade the affected SmythOS SDK and SRE packages to versions later than 0.0.15 where the insecure fallback behavior has been patched.

Avoid initializing the SDK without explicitly providing credentials or an apiKey to prevent the automatic fallback to the insecure Vault credential retrieval.

Restrict network egress to prevent unauthorized outbound connections to unknown or attacker-controlled baseURLs.

Audit and rotate any potentially exposed Vault API keys or tokens to prevent misuse.

Monitor logs and network traffic for suspicious activity related to this vulnerability.

Compliance Impact

This vulnerability causes unauthorized disclosure of sensitive credentials, specifically global Vault API keys, which can lead to exposure of confidential information.

Such information disclosure can negatively impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding sensitive data and preventing unauthorized access.

The leakage of credentials could result in unauthorized access to protected data or services, potentially violating confidentiality and security requirements mandated by these standards.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7021. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart