EUVD-2026-31869
GHSA-gj84-924c-48fx
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
2DescriptionNVD
Summary
The SSE event server bound to 0.0.0.0:5553 on Linux/macOS by default because the platform-dependent host default in engine/flags.go:39-46 set host = "" for non-Windows, and utils.JoinHostPort("", ":5553") resolves to ":5553" - a Go http.Server.Addr of ":5553" listens on every interface. On Windows the same code chose "localhost", binding loopback only.
The result was a platform split where the OS Algernon's dev workflow is most often used on (Linux/macOS) got the network-exposed default, and only Windows users got the loopback-safe one. A LAN peer with no developer interaction could connect to <dev-laptop-ip>:5553 and read the file-change stream.
This advisory covers the bind-address default in isolation. The fix is independent of authentication (#2a) and CORS (#2b) - switching the default to loopback can be done without touching either.
Details
#### Root cause - platform-dependent host default in handleFlags
// engine/flags.go:39-46 (1.17.6)
host := ""
if runtime.GOOS == "windows" {
host = "localhost"
// Default Bolt database file
ac.defaultBoltFilename = filepath.Join(serverTempDir, "algernon.db")
// Default log file
ac.defaultLogFile = filepath.Join(serverTempDir, "algernon.log")
}// engine/config.go:388-391 (1.17.6, finalConfiguration)
if ac.eventAddr == "" {
ac.eventAddr = utils.JoinHostPort(host, ac.defaultEventColonPort)
}Result tabulated:
| Platform | host | eventAddr after JoinHostPort | Effective bind |
|---|---|---|---|
| Linux | "" | ":5553" | 0.0.0.0:5553 (all interfaces) |
| macOS | "" | ":5553" | 0.0.0.0:5553 (all interfaces) |
| Windows | "localhost" | "localhost:5553" | 127.0.0.1:5553 (loopback) |
The same host value also governs the main web server bind, so the platform split affects both ports. The web-server bind on Linux/macOS is a separate (defensible) design decision - a server intended to be reachable; the SSE port is *not* such a service and inherited the same default by accident. #### Why this is an independent finding
The fix is a single line: change the default host value, or change the eventAddr default specifically, to "localhost" regardless of platform. No change to authentication or CORS is required to close the network-reach half of the original bundled advisory. A LAN peer can no longer connect - the listener is unreachable from another host - even if the SSE handler still has no authentication and still returns Allow-Origin: *.
PoC (against 1.17.6 on Linux/macOS)
# Operator's laptop on a hotel/cafe/office WiFi:
algernon -a /path/to/project
# => SSE listener bound to 0.0.0.0:5553
# Any peer on the same subnet:
$ curl -sN http://<dev-laptop-ip>:5553/sse
id: 0
data: /path/to/project/secret-notes.md
id: 1
data: /path/to/project/.env.localNo interaction from the developer is required. The peer needs network reach and nothing else.
Impact
- Confidentiality: medium. LAN-bounded continuous information disclosure of filenames and edit timing.
- Integrity: none.
- Availability: none directly.
The CVSS vector uses AV:A (adjacent network) to model the LAN-only reach. The vector for a misconfigured deployment behind a NAT-less or routed network would shift to AV:N and rise to 5.3.
Suggestions to fix
Primary fix - pick localhost as the SSE default on every platform.
// engine/flags.go -- platform-independent default for the event listener
// (keep the existing platform split for the WEB server if desired, but
// not for the event server)
host := "localhost"Or, more surgically:
// engine/config.go -- finalConfiguration
if ac.eventAddr == "" {
ac.eventAddr = utils.JoinHostPort("localhost", ac.defaultEventColonPort)
}An operator who genuinely wants LAN-reachable SSE can pass --eventserver 0.0.0.0:5553 explicitly and accept the consequences.
Stronger fix - eliminate the second listener entirely. Mount the SSE handler on the main mux at /sse. The bind address is then whatever the main server uses; there is no second listener and therefore no second bind-address default to get wrong.
Live verification
Audit-host bind check (Windows 10):
$ netstat -an | findstr 5553
TCP 127.0.0.1:5553 0.0.0.0:0 LISTENINGConfirms the Windows default is localhost. The Linux/macOS bind to 0.0.0.0:5553 is documented in the code path above; it was not exercised on the audit machine because the audit host was Windows. A maintainer reproducing on a Linux host would see 0.0.0.0:5553 LISTENING from ss -tlnp.
AnalysisAI
Algernon's auto-refresh SSE event server unintentionally exposes developer file-change streams to unauthenticated LAN peers on Linux and macOS due to a platform-dependent bind address default that was never intended to reach adjacent hosts. On non-Windows platforms, the SSE listener resolves to 0.0.0.0:5553 (all interfaces), while Windows correctly binds to 127.0.0.1:5553 - a silent asymmetry introduced in engine/flags.go that leaves developers on the most common Algernon platforms exposed whenever they work on shared networks. …
Sign in for full analysis, threat intelligence, and remediation guidance.
More from same product – last 7 days
{filename} endpoint. The flawed traversal guard only rejects forward slashes and '..' sequences, so absolute Windows pat
Remote code execution in Microsoft Azure Orbital Spatio allows unauthenticated network attackers to upload dangerous fil
Unsafe deserialization in Microsoft Planetary Computer Pro (Geocatalog) lets a remote unauthenticated attacker craft mal
Remote code execution in Microsoft Power Pages allows unauthenticated network attackers to inject and execute operating-
Privilege elevation in Microsoft Azure Resource Manager (ARM) allows remote unauthenticated attackers to bypass authenti
Share
External POC / Exploit Code
Leaving vuln.today