EXECUTIVE SUMMARY:
CVE-2026-44504, with a CVSS score of 8.6, is a cross-user run injection vulnerability in Aegra deployments running aegra-api versions 0.9.0 through 0.9.6. An authenticated user can exploit it by supplying a thread ID belonging to another user to the /threads/{thread_id}/runs, /threads/{thread_id}/runs/stream, or /threads/{thread_id}/runs/wait endpoints, which lets them execute graph runs on that thread, read its full checkpoint state, inject arbitrary messages, and keep their activity out of the targeted user's run listing. The vulnerability is particularly severe because thread IDs are disclosed through frontend URLs, server logs, and shared links, so no guessing is required. Successful exploitation gives an attacker unauthorized access to, and the ability to manipulate, data within a shared Aegra instance, with significant business impact including compromised user data, disrupted workflows, and potential reputational damage.
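The authorization gap described above is an ownership check that is missing on a thread-scoped endpoint: the run handler trusts the caller-supplied thread ID instead of resolving the thread within the caller's own scope. The following Python model is an added example and is not Aegra's code; ThreadStore, create_run_unchecked, create_run_checked and the run-listing helpers are assumed names. It shows the vulnerable pattern next to the hardened one, and why listing runs by requester (rather than by thread owner) leaves the victim unable to see an injected run.

```python
"""Ownership check for thread-scoped run creation (illustrative, not Aegra's code).

Models the pattern in the advisory: a /threads/{thread_id}/runs handler that
acts on whatever thread_id the caller supplies. All class and function names
here are assumptions for the example; the sample data is constructed.
"""
from dataclasses import dataclass, field


class NotFound(Exception):
    """Raised for threads the caller may not see (or that do not exist)."""


@dataclass
class Thread:
    thread_id: str
    owner: str
    messages: list = field(default_factory=list)


@dataclass
class Run:
    run_id: str
    thread_id: str
    requested_by: str
    input_message: str


class ThreadStore:
    """In-memory stand-in for the thread and run tables (constructed for this example)."""

    def __init__(self):
        self.threads: dict[str, Thread] = {}
        self.runs: list[Run] = []
        self._counter = 0

    def add_thread(self, thread_id, owner):
        self.threads[thread_id] = Thread(thread_id, owner)

    def _new_run(self, thread_id, user, message):
        # Appending the input to the thread models "inject arbitrary messages".
        self._counter += 1
        run = Run(f"run-{self._counter}", thread_id, user, message)
        self.runs.append(run)
        self.threads[thread_id].messages.append(message)
        return run


def create_run_unchecked(store, user, thread_id, message):
    """Vulnerable pattern: only existence is checked, so any authenticated
    user can start a run on any thread whose ID they have seen."""
    if thread_id not in store.threads:
        raise NotFound(thread_id)
    return store._new_run(thread_id, user, message)


def create_run_checked(store, user, thread_id, message):
    """Hardened pattern: resolve the thread scoped to the caller before acting.

    A thread the caller does not own is reported exactly like a missing one,
    so the endpoint does not confirm which thread IDs exist to other users.
    """
    thread = store.threads.get(thread_id)
    if thread is None or thread.owner != user:
        raise NotFound(thread_id)
    return store._new_run(thread_id, user, message)


def list_runs_by_requester(store, user):
    """Weak listing: filtered by who submitted the run. A run injected by
    another user never appears to the thread's owner."""
    return [r for r in store.runs if r.requested_by == user]


def list_runs_for_owner(store, user):
    """Owner-scoped listing: every run on a thread the user owns, whoever
    requested it, so injected activity is visible to the thread owner."""
    return [r for r in store.runs if store.threads[r.thread_id].owner == user]


def demo():
    """Walk through the scenario with constructed data; returns
    (thread the injected run landed on, whether the hardened path blocked
    the same request, runs the owner sees under each listing rule)."""
    store = ThreadStore()
    store.add_thread("thread-alice-1", "alice")   # constructed sample thread
    # bob holds alice's thread ID (e.g. from a shared link) and submits a run.
    injected = create_run_unchecked(store, "bob", "thread-alice-1", "injected text")
    try:
        create_run_checked(store, "bob", "thread-alice-1", "injected again")
        blocked = False
    except NotFound:
        blocked = True
    weak = len(list_runs_by_requester(store, "alice"))
    owner_scoped = len(list_runs_for_owner(store, "alice"))
    return injected.thread_id, blocked, weak, owner_scoped


if __name__ == "__main__":
    print(demo())
```

The fix is a single scoped lookup, but it has to be applied on every route that takes a thread ID (runs, runs/stream, runs/wait), and the same owner-scoping belongs in the run listing so that a thread's owner can detect activity they did not initiate.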
RECOMMENDATION:
We recommend updating aegra-api to version 0.9.7.
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-m98r-6667-4wq7