Skip to main content

Agentgateway CVE-2026-29791

MEDIUM
Improper Input Validation (CWE-20)
2026-03-06 security-advisories@github.com GHSA-v2x6-wwfw-r2rq
4.9
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
4.9 MEDIUM
AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

3
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 22:06 vuln.today
CVE Published
Mar 06, 2026 - 21:16 nvd
MEDIUM 4.9

DescriptionGitHub Advisory

Agentgateway is an open source data plane for agentic AI connectivity within or across any agent framework or environment. Prior to version 0.12.0, when converting MCP tools/call request to OpenAPI request, input path, query, and header values are not sanitized. This issue has been patched in version 0.12.0.

AnalysisAI

Agentgateway versions prior to 0.12.0 fail to sanitize input parameters (path, query, and header values) when converting MCP tool requests to OpenAPI calls, allowing authenticated users to inject malicious data that could lead to unauthorized information disclosure or data modification. An attacker with valid credentials could exploit this input validation weakness to manipulate API requests across agent frameworks. No patch is currently available for affected deployments.

Technical ContextAI

This vulnerability (CWE-20: Improper Input Validation) affects Agentgateway is an open source data plane for agentic AI connectivity within or across any agent framework or environment.. Agentgateway is an open source data plane for agentic AI connectivity within or across any agent framework or environment. Prior to version 0.12.0, when converting MCP tools/call request to OpenAPI request, input path, query, and header values are not sanitized. This issue has been patched in version 0.12.0.

RemediationAI

Fixed in version 0.12.0.. Restrict network access to the affected service where possible.

Share

CVE-2026-29791 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy