← back
CVE-2026-0650

OpenFlagr <= 1.1.18 Authentication Bypass via Prefix Whitelist Path Normalization

CVSS 9.3 CRITICALEPSS 0.4%CWE-306CWE-425
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
07 Jan 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
OpenFlagr versions prior to and including 1.1.18 contain an authentication bypass vulnerability in the HTTP middleware. Due to improper handling of path normalization in the whitelist logic, crafted requests can bypass authentication and access protected API endpoints without valid credentials. Unauthorized access may allow modification of feature flags and export of sensitive data.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
OpenFlagr · Flagr

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://dreyand.rs/code%20review/golang/2026/01/03/0day-speedrun-openflagr-less-1118-authentication-bypasshttps://github.com/openflagr/flagr/releases/tag/1.1.19https://www.vulncheck.com/advisories/openflagr-authentication-bypass-via-prefix-whitelist-path-normalization