OpenFlagr

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data.

AI Analysis

Authentication bypass vulnerability in OpenFlagr due to improper handling of path normalization in the whitelist logic

Basic Information

ID CVE-2026-0650

Source VulnCheck

Published Jan 7, 2026 at 04:29

Affected Product

Vendor OpenFlagr

Product Flagr

Affected Versions OpenFlagr Flagr 0

CWE Classification

CWE-306 CWE-425

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor OpenFlagr

Product Flagr

Version <= 1.1.18

References

{
    "lastseen": "",
    "description": "OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data.",
    "published": "2026-01-07T04:29:56.357Z",
    "modified": "2026-01-07T04:29:56.357Z",
    "type": "cve",
    "title": "OpenFlagr <= 1.1.18 Authentication Bypass via Prefix Whitelist Path Normalization",
    "source": "VulnCheck",
    "references": "https://github.com/openflagr/flagr/releases/tag/1.1.19\nhttps://dreyand.rs/code%20review/golang/2026/01/03/0day-speedrun-openflagr-less-1118-authentication-bypass\nhttps://www.vulncheck.com/advisories/openflagr-authentication-bypass-via-prefix-whitelist-path-normalization",
    "id": "CVE-2026-0650",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306",
        "CWE-425"
    ],
    "cvelist": null,
    "sourceData": "OpenFlagr Flagr 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Flagr",
    "version": "0",
    "vendor": "OpenFlagr",
    "ai_description": "Authentication bypass vulnerability in OpenFlagr due to improper handling of path normalization in the whitelist logic",
    "ai_severity": "Critical",
    "ai_vendor": "OpenFlagr",
    "ai_product": "Flagr",
    "ai_version": "<= 1.1.18",
    "ai_score": 9.3
}

OpenFlagr <= 1.1.18 Authentication Bypass via Prefix Whitelist Path Normalization_CVE-2026-0650