CVE-2026-8321 | inkeep agents 0.58.14 runAuth Middleware runAuth.ts createDevContext authentication bypass (Issue 3024)

May 11, 2026 Yanac

A vulnerability was found in inkeep agents 0.58.14. It has been rated as critical. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in authentication bypass using alternate channel.

This vulnerability is reported as CVE-2026-8321. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More