Description
Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive file-write content remains in the stored payload as ContentPreview, OldString, or NewString at the default standard logging level and at full. This leads to logging of potentially sensitive file content in the local sqlite database, violating Gryphs sensitive file filter and log level contracts. This vulnerability is fixed in 0.7.0.
Published: 2026-05-27
Score: 5.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Gryph, a security layer for AI coding agents, stored sensitive file‑write contents in its local sqlite database at default and full logging levels. Prior to version 0.7.0, the logging mechanism did not strip out content designated as sensitive, so any file write operation could inadvertently leave a preview of the data in the database. As a result, an attacker with access to the local database could retrieve potentially confidential information that was intended to be excluded from logs.

Affected Systems

The vulnerability affects all safedep Gryph deployments running a release before 0.7.0. No further version granularity is specified, so any instance of Gryph installed prior to updating to 0.7.0 is susceptible. The issue is tied to the default logging configuration, which applies to the standard log level and above.

Risk and Exploitability

The CVSS score of 5.5 categorizes the weak as medium severity, and the EPSS is not available, so no quantified exploitation likelihood can be assigned. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires local access to the machine running Gryph, as the attacker must read the sqlite database. Based on the description, it is inferred that the attack vector is local or requires an insider or compromised administrator. Because sensitive data is written to disk, the potential impact is confidential data leakage rather than system compromise.

Generated by OpenCVE AI on May 27, 2026 at 21:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Gryph to version 0.7.0 or later, which removes sensitive content from the logs in all log levels.
  • If an upgrade is not immediately possible, change the Gryph configuration to set the log level to minimal, ensuring that file‑write previews are excluded from the sqlite database.
  • Restrict file system permissions on the local sqlite log file so that only authorized users can read it.

Generated by OpenCVE AI on May 27, 2026 at 21:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-f3jg-756w-gm35 Gryph Agents Payload Filter Fails to Strip Tool Payload for Sensitive Content
History

Wed, 27 May 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 27 May 2026 18:45:00 +0000

Type Values Removed Values Added
Description Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive file-write content remains in the stored payload as ContentPreview, OldString, or NewString at the default standard logging level and at full. This leads to logging of potentially sensitive file content in the local sqlite database, violating Gryphs sensitive file filter and log level contracts. This vulnerability is fixed in 0.7.0.
Title Gryph Agents Payload Filter Fails to Strip Tool Payload for Sensitive Content
Weaknesses CWE-212
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-27T18:52:43.894Z

Reserved: 2026-05-08T18:07:27.341Z

Link: CVE-2026-45046

cve-icon Vulnrichment

Updated: 2026-05-27T18:52:22.639Z

cve-icon NVD

Status : Received

Published: 2026-05-27T19:16:21.793

Modified: 2026-05-27T19:16:21.793

Link: CVE-2026-45046

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T21:15:25Z

Weaknesses