Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in authentication bypass using alternate channel. The attack is possible to be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
AnalysisAI
Authentication bypass in Inkeep Agents 0.58.14 allows remote unauthenticated attackers to circumvent authentication controls via alternate channel manipulation in the runAuth middleware. The vulnerability exists in the createDevContext function of agents-api/src/middleware/runAuth.ts, enabling unauthorized access to protected resources with low impact to confidentiality, integrity, and availability. Publicly available exploit code exists (GitHub issue #3024), and the vendor has not yet responded to the vulnerability report, meaning no patch is currently available.
Technical ContextAI
The vulnerability resides in the runAuth middleware component of Inkeep Agents, specifically within the createDevContext function. This middleware is responsible for authentication enforcement in the agents API layer. The root cause is CWE-288 (Authentication Bypass Using an Alternate Path or Channel), indicating the authentication mechanism can be circumvented by accessing protected functionality through an unvalidated or improperly secured code path. The createDevContext function likely creates a development or testing context that inadvertently exposes privileged functionality without proper authentication checks when invoked through specific pathways. This architectural flaw allows attackers to exploit developer-intended features in production deployments, a common issue when development scaffolding is not properly isolated from production code paths.
RemediationAI
No vendor-released patch exists at time of analysis. The vendor (Inkeep) has not responded to the vulnerability report filed through GitHub issue #3024. In the absence of an official fix, implement compensating controls: (1) Upgrade to a version newer than 0.58.14 if available in the repository, verifying the createDevContext function has been removed or properly secured in agents-api/src/middleware/runAuth.ts. (2) If upgrade is not possible, review and disable the createDevContext function entirely by modifying runAuth.ts, though this may break development workflows if they depend on this context. (3) Restrict network access to the agents-api endpoint to trusted IP ranges only using firewall rules or reverse proxy ACLs, reducing exposure to authenticated internal users only-this mitigates the AV:N vector but does not fix the underlying authentication bypass. (4) Deploy runtime application security (RASP) or WAF rules to detect and block requests attempting to invoke createDevContext paths. Monitor the GitHub repository at https://github.com/inkeep/agents/ for patch commits and subscribe to https://vuldb.com/vuln/362608 for updates. All mitigations are temporary; plan to migrate away from this product if vendor remains unresponsive.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29212
GHSA-mv62-653x-7444