Description
OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data.
Published: 2026-01-07
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass, Unauthorized Access
Action: Immediate Patch
AI Analysis

Impact

The vulnerability exists in OpenFlagr's HTTP middleware in versions up to and including 1.1.18, where path normalization is mishandled in the prefix-whitelist logic that exempts certain paths from authentication. A crafted request whose path begins with a whitelisted prefix, but resolves to a protected route once the path is normalized, passes the whitelist check and reaches the protected endpoint without credentials. An attacker who exploits the flaw could alter feature flags or export sensitive data, compromising the confidentiality and integrity of the system.
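The following Go program is an added example written for this page, not code from Flagr's repository, and it reproduces the class of bug the description names: an authentication middleware whose whitelist is a prefix match on the raw request path, sitting in front of a router that resolves dot segments. The bearer token, the whitelist prefixes, the two routes and the backend handler are all constructed for the example; the real Flagr middleware, its prefix list and the exact request that triggers CVE-2026-0650 are not shown here. The same backend is wrapped twice, once with the raw-path check and once with a check that normalizes first and matches only on a segment boundary, so the difference in behaviour is visible side by side.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"path"
	"strings"
)

// Constructed for this example: a bearer token the protected API expects and
// the prefixes the middleware lets through unauthenticated. Neither is
// Flagr's real configuration or code.
const apiToken = "example-token"

var whitelistPrefixes = []string{"/api/v1/health", "/static/"}

// vulnerableWhitelisted is the weak pattern: a prefix match on the raw request
// path. "/api/v1/health/../flags" starts with a whitelisted prefix even though
// a router that resolves dot segments will dispatch it to "/api/v1/flags".
func vulnerableWhitelisted(rawPath string) bool {
	for _, p := range whitelistPrefixes {
		if strings.HasPrefix(rawPath, p) {
			return true
		}
	}
	return false
}

// normalizePath collapses ".", ".." and repeated slashes, anchored at "/" so
// that ".." can never climb above the root.
func normalizePath(rawPath string) string {
	return path.Clean("/" + strings.TrimPrefix(rawPath, "/"))
}

// hardenedWhitelisted normalizes first, then matches only on a whole segment
// boundary so that "/api/v1/healthz" does not pass as "/api/v1/health".
func hardenedWhitelisted(rawPath string) bool {
	norm := normalizePath(rawPath)
	for _, p := range whitelistPrefixes {
		base := strings.TrimSuffix(p, "/")
		if norm == base || strings.HasPrefix(norm, base+"/") {
			return true
		}
	}
	return false
}

// authMiddleware is the shape of the affected layer: a request that matches
// the whitelist skips the credential check entirely. The whitelist decision
// is a parameter so the same backend can be wrapped both ways.
func authMiddleware(next http.Handler, whitelisted func(string) bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !whitelisted(r.URL.Path) && r.Header.Get("Authorization") != "Bearer "+apiToken {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// backend stands in for the application router. It resolves dot segments
// before dispatching, which is what makes a raw-path check in front of it
// unsafe: middleware and router disagree about which route the request hits.
func backend() http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		switch path.Clean(r.URL.Path) {
		case "/api/v1/health":
			fmt.Fprint(w, "ok")
		case "/api/v1/flags":
			fmt.Fprint(w, `[{"id":1,"key":"new_checkout","enabled":true}]`)
		default:
			http.NotFound(w, r)
		}
	})
}

// probe sends an in-memory request with the given raw target (httptest does
// not clean it) and returns the status code the wrapped handler produced.
func probe(h http.Handler, rawPath, token string) int {
	req := httptest.NewRequest(http.MethodGet, rawPath, nil)
	if token != "" {
		req.Header.Set("Authorization", "Bearer "+token)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	vuln := authMiddleware(backend(), vulnerableWhitelisted)
	hard := authMiddleware(backend(), hardenedWhitelisted)
	for _, p := range []string{"/api/v1/health", "/api/v1/flags", "/api/v1/health/../flags"} {
		fmt.Printf("%-26s unauthenticated: vulnerable=%d hardened=%d\n",
			p, probe(vuln, p, ""), probe(hard, p, ""))
	}
}
```

Running it shows the unauthenticated request for `/api/v1/health/../flags` answered with 200 by the raw-prefix variant and refused with 401 by the normalizing one, while `/api/v1/health` is allowed and `/api/v1/flags` is refused by both. The fix has two parts that both matter: compare the normalized path, and match on a segment boundary rather than a bare string prefix.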

Affected Systems

The affected product is OpenFlagr (Flagr). All releases up to and including version 1.1.18 are impacted. Users running any of those versions are vulnerable.

Risk and Exploitability

The CVSS v4.0 score of 9.3 classifies this as a critical vulnerability, while an EPSS score below 1% indicates a low but non-zero observed probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Note, however, that the SSVC assessment recorded in the history below marks Exploitation as 'poc' and Automatable as 'yes': a proof of concept exists and the bypass needs nothing beyond a crafted HTTP request, so a Flagr API reachable from an untrusted network should be treated as exploitable now. An attacker needs only network access to the exposed API (CVSS vector AV:N, PR:N, UI:N) and sends a request whose path matches a whitelisted prefix before normalization but resolves to a protected route after it.

Generated by OpenCVE AI on April 18, 2026 at 08:10 UTC.

Remediation

No vendor fix or workaround is recorded in this field. The recommended actions below point to 1.1.19 or later; confirm the fixed version against the GHSA advisory before relying on it.

OpenCVE Recommended Actions

  • Upgrade OpenFlagr to version 1.1.19 or later.
  • Until the upgrade is deployed, restrict network access to the Flagr API (private network, reverse-proxy allow-list or an authenticating proxy in front of it) so that unauthenticated clients cannot reach it at all; if you keep a prefix whitelist of your own in front of the API, apply it only to the normalized path and match on segment boundaries.
  • Monitor web server and proxy logs for requests whose path contains dot segments (`..`, `%2e%2e`) or repeated slashes under a whitelisted prefix, and for 200 responses to protected API routes from clients that sent no credentials.
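An added example of the log check suggested above, not part of this page's advisory data: it reads constructed common-log-format lines, resolves each logged request path the way a normalizing router would (percent-decode, then collapse dot segments), and flags requests whose logged path and resolved path differ, whose resolved path is a protected route, and which were not refused. The log lines, the protected-route list and the status filter are assumptions made for the example; substitute your own access-log format and route list.

```go
package main

import (
	"fmt"
	"net/url"
	"path"
	"regexp"
	"strings"
)

// Constructed access-log lines in common log format (not real Flagr logs).
// Lines 3 and 5 have the shape the advisory describes: a whitelisted prefix
// followed by dot segments, literal or percent-encoded, that resolve to a
// protected route and were still answered with 200.
const sampleLog = `10.0.0.5 - - [07/Jan/2026:15:02:11 +0000] "GET /api/v1/health HTTP/1.1" 200 2
10.0.0.5 - - [07/Jan/2026:15:02:12 +0000] "GET /api/v1/flags HTTP/1.1" 401 12
10.0.0.5 - - [07/Jan/2026:15:02:13 +0000] "GET /api/v1/health/../flags HTTP/1.1" 200 57
10.0.0.9 - - [07/Jan/2026:15:03:40 +0000] "GET /static/css/app.css HTTP/1.1" 200 1024
10.0.0.5 - - [07/Jan/2026:15:04:01 +0000] "PUT /api/v1/health/%2e%2e/flags/1 HTTP/1.1" 200 40`

// Routes that must never be reached without credentials (assumed for this
// example; take the real list from your deployment's API routes).
var protectedPrefixes = []string{"/api/v1/flags", "/api/v1/export"}

// requestRE pulls method, target and status out of the request line.
var requestRE = regexp.MustCompile(`"([A-Z]+) (\S+) HTTP/[0-9.]+" (\d{3})`)

// Hit is one suspicious request: the path as logged and the route it resolves to.
type Hit struct {
	Method, RawPath, Resolved, Status string
}

// resolve turns a logged request target into the route a normalizing router
// would dispatch: strip the query, percent-decode, then collapse dot segments.
func resolve(rawTarget string) string {
	p := rawTarget
	if i := strings.IndexByte(p, '?'); i >= 0 {
		p = p[:i]
	}
	if u, err := url.PathUnescape(p); err == nil {
		p = u
	}
	return path.Clean("/" + strings.TrimPrefix(p, "/"))
}

// isProtected matches on a whole segment boundary, not a bare string prefix.
func isProtected(resolved string) bool {
	for _, pre := range protectedPrefixes {
		if resolved == pre || strings.HasPrefix(resolved, pre+"/") {
			return true
		}
	}
	return false
}

// scanLog flags requests whose logged path differs from its resolved form,
// whose resolved form lands on a protected route, and which were not refused.
// A rejected request (401/403) is noise; an answered one is the signal that a
// prefix check in front of the route was fooled.
func scanLog(logText string) []Hit {
	var hits []Hit
	for _, line := range strings.Split(logText, "\n") {
		m := requestRE.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		method, target, status := m[1], m[2], m[3]
		rawPath := target
		if i := strings.IndexByte(rawPath, '?'); i >= 0 {
			rawPath = rawPath[:i]
		}
		resolved := resolve(target)
		if rawPath != resolved && isProtected(resolved) && status != "401" && status != "403" {
			hits = append(hits, Hit{method, rawPath, resolved, status})
		}
	}
	return hits
}

func main() {
	for _, h := range scanLog(sampleLog) {
		fmt.Printf("%s %s -> %s (status %s)\n", h.Method, h.RawPath, h.Resolved, h.Status)
	}
}
```

On the constructed input this reports the GET for `/api/v1/health/../flags` and the PUT for `/api/v1/health/%2e%2e/flags/1`, and ignores the normal health check, the refused direct request and the static asset. Percent-decoding before normalizing matters: a proxy usually logs the request line as received, so an encoded dot segment would otherwise slip past a check that only looks for a literal `..`.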



Advisories
Source: GitHub GHSA
ID: GHSA-rwp9-5g7q-73q3
Title: OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware
History

Wed, 07 Jan 2026 15:15:00 +0000

Type: Metrics (ssvc)
Values added: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 07 Jan 2026 10:45:00 +0000

Type: First Time appeared
Values added: Openflagr; Openflagr flagr
Type: Vendors & Products
Values added: Openflagr; Openflagr flagr

Wed, 07 Jan 2026 05:00:00 +0000

Type: Description
Values added: OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data.
Type: Title
Values added: OpenFlagr <= 1.1.18 Authentication Bypass via Prefix Whitelist Path Normalization
Type: Weaknesses
Values added: CWE-306, CWE-425
Type: References
Type: Metrics (cvssV4_0)
Values added: {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-01-07T14:24:38.464Z

Reserved: 2026-01-06T17:17:34.850Z

Link: CVE-2026-0650

Vulnrichment

Updated: 2026-01-07T14:24:20.966Z

NVD

Status: Deferred

Published: 2026-01-07T12:17:07.727

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-0650

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T08:15:15Z

Weaknesses