Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1917+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. Security
  3. CVE-2026-61736: LightRAG Critical CORS Credential Bypass (CVSS 9.3)
CVE-2026-61736: LightRAG Critical CORS Credential Bypass (CVSS 9.3)

Critical Security Alert

This vulnerability is actively being exploited. Immediate action is recommended.

SECURITYCRITICALCVE-2026-61736

CVE-2026-61736: LightRAG Critical CORS Credential Bypass (CVSS 9.3)

LightRAG's default server configuration combines CORS_ORIGINS=* with allow_credentials=True, allowing any origin to make credentialed cross-origin requests and exposing knowledge graphs to unauthorized access.

Dylan H.

Security Team

July 16, 2026
3 min read

Affected Products

  • LightRAG < 1.5.4

Overview

A critical vulnerability has been identified in LightRAG, the popular open-source retrieval-augmented generation (RAG) framework, which ships with a dangerously permissive CORS configuration by default. The issue, tracked as CVE-2026-61736 with a CVSS score of 9.3 (Critical), allows any origin to make credentialed cross-origin requests to the LightRAG API server.

The root cause lies in lightrag/api/lightrag_server.py, where the server defaults to:

CORS_ORIGINS="*"
allow_credentials=True

According to the CORS specification, combining a wildcard origin (*) with allow_credentials=True via Starlette's CORSMiddleware effectively whitelists every origin for credentialed requests — meaning cookies, authorization headers, and TLS client certificates are forwarded from any attacker-controlled site.

Impact

An attacker who can lure an authenticated LightRAG user to a malicious webpage can:

  • Read or exfiltrate the victim's knowledge graph data via cross-origin fetch requests
  • Insert or delete graph nodes and relationships
  • Query the LLM backend using the victim's API credentials
  • Fully compromise multi-tenant deployments where users share a single LightRAG instance

The severity is amplified by LightRAG's common deployment pattern: many organizations run it as an internal tool behind an SSO proxy or basic auth layer, assuming cross-origin protections are enforced at the browser level. This vulnerability bypasses that assumption entirely.

Affected Versions

ProductAffected VersionsFixed Version
LightRAG ServerAll versions prior to 1.5.41.5.4

Remediation

Update Immediately

Upgrade LightRAG to version 1.5.4 or later:

pip install --upgrade lightrag-hku

Manual Mitigation (if unable to upgrade)

Explicitly configure CORS with an allowlist of trusted origins:

from lightrag.api.lightrag_server import create_app
 
app = create_app(
    cors_origins=["https://your-trusted-domain.com"],
    allow_credentials=True
)

Never use CORS_ORIGINS="*" alongside allow_credentials=True in production.

Network-Level Controls

If running LightRAG behind a reverse proxy (nginx, Traefik, Caddy), ensure CORS headers set by the proxy override or remove the application's permissive defaults:

add_header 'Access-Control-Allow-Origin' 'https://your-domain.com' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;

Detection

Check your LightRAG startup logs or configuration for the default CORS_ORIGINS=* setting:

grep -r "CORS_ORIGINS" /path/to/lightrag/
grep -r "allow_credentials" /path/to/lightrag/

Review your web server access logs for cross-origin preflight (OPTIONS) requests from unexpected origins:

grep 'OPTIONS' /var/log/nginx/access.log | grep 'Origin:'

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MetricValue
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

References

  • NVD Entry: CVE-2026-61736
  • LightRAG GitHub Repository
  • OWASP: CORS Misconfiguration
  • MDN Web Docs: CORS with Credentials
#CVE#CORS#LightRAG#RAG#AI Security#Vulnerability

Related Articles

CVE-2026-42533: NGINX Memory Corruption via Map Directive Regex (CVSS 8.1)

A vulnerability in NGINX Plus and NGINX Open Source allows map directives using regex matching with capture variables to trigger memory corruption when the capture variable is referenced before the map output variable.

4 min read

CVE-2026-14453: Critical SSTI to RCE in Centreon Open Tickets (CVSS 9.6)

A critical Server-Side Template Injection vulnerability in Centreon's centreon-open-tickets module allows unauthenticated attackers to achieve Remote Code Execution via the unsanitized message_confirm field.

6 min read

CVE-2026-57433: Perl Storable Signed Integer Overflow in SX_HOOK Deserialization

A CVSS 9.8 signed integer overflow in Perl's Storable module (before 3.41) allows a crafted SX_HOOK record to wrap an I32_MAX item count to -1, corrupting heap memory and potentially enabling remote code execution.

5 min read
Back to all Security Alerts