Aegra: Cross-user run injection in /threads/{thread_id}/runs (IDOR)_CVE-2026-44504

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Description

Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's thread_id, can execute graph runs against the user's thread, read the user's full checkpoint state, and inject arbitrary messages into the user's conversation history. This vulnerability is fixed in 0.9.7.

Basic Information

ID CVE-2026-44504

Source GitHub_M

Published May 14, 2026 at 15:52

Affected Product

Vendor aegra

Product aegra

Version < 0.9.7

Affected Versions aegra aegra < 0.9.7

CWE Classification

CWE-285 CWE-639

References

github.com /aegra/aegra/security/advisories/GHSA-m98r-6667-4wq7

{
    "lastseen": "",
    "description": "Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's thread_id, can execute graph runs against the user's thread, read the user's full checkpoint state, and inject arbitrary messages into the user's conversation history. This vulnerability is fixed in 0.9.7.",
    "published": "2026-05-14T15:52:30.547Z",
    "modified": "2026-05-14T15:52:30.547Z",
    "type": "cve",
    "title": "Aegra: Cross-user run injection in /threads/{thread_id}/runs (IDOR)",
    "source": "GitHub_M",
    "references": "https://github.com/aegra/aegra/security/advisories/GHSA-m98r-6667-4wq7",
    "id": "CVE-2026-44504",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "aegra aegra < 0.9.7",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "aegra",
    "version": "< 0.9.7",
    "vendor": "aegra",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}