GHSA-9H64-2846-7X7F

GHSA-9H64-2846-7X7F is a critical-severity SQL injection vulnerability in github.com/getaxonflow/axonflow (go), affecting versions < 7.5.0. It is fixed in 7.5.0.

Summary

Eight independently filed bug fixes in the v7.1.3 → v7.5.0 release window collectively close a set of multi-tenant isolation, access-control, and policy-enforcement defects in the AxonFlow platform. They are filed as a single consolidated advisory because the recommended remediation is a single platform upgrade.

Affected versions

< 7.5.0. Specific items affect different earlier minors; see Impact below.

Patched versions

>= 7.5.0.

Credit

Identified by AxonFlow internal security review during the April 2026 quality-freeze epic.

Impact

Each item lists the defect, the affected and patched versions, and the CWE.

  1. MAP execution multi-tenant isolation. A body-supplied org_id could override the Basic-auth-derived org for both execution recording and policy evaluation. In multi-tenant deployments with shared agents, this could record one tenant's request under another tenant's audit log and evaluate it under the wrong tenant's policy set. Affected: < 7.4.5. Patched: >= 7.4.5. CWE-863.
  2. Cross-tenant audit-log leak via evidence/explain handlers. The handlers behind /api/v1/evidence/* and /api/v1/decisions/*/explain failed open when the tenant context was missing, returning data scoped to a different tenant or returning data without scope. Affected: < 7.2.0. Patched: >= 7.2.0. CWE-200, CWE-863.
  3. License-validation bypass on onboard-customer. The portal customer-onboard endpoint lacked authentication and license-key validation, allowing unauthenticated callers to invoke the onboard flow. Affected: < 7.2.0. Patched: >= 7.2.0. CWE-862.
  4. Tenant-scope fail-open on evidence/explain. Distinct from item 2: when tenant headers were absent, the handler defaulted to a permissive read scope rather than refusing the request. Affected: < 7.2.0. Patched: >= 7.2.0. CWE-862.
  5. Internal-service auth fallback bypass in non-Community modes. Evaluation/Enterprise builds carried an auth fallback path that, under specific request shapes, could be exploited to bypass apiAuthMiddleware. Affected: < 7.2.0. Patched: >= 7.2.0. CWE-863.
  6. Login timing / org-existence disclosure on the portal. The login handler returned different timing and response bodies for invalid-org vs invalid-password, allowing org enumeration. Affected: < 7.1.3. Patched: >= 7.1.3. CWE-208.
  7. Portal DoS via unbounded request body. The portal accepted unbounded request bodies, allowing memory-exhaustion attacks. Capped at 1 MiB. Affected: < 7.1.5. Patched: >= 7.1.5. CWE-770.
  8. SQL-injection enforcement regression on try.getaxonflow.com. The Community SaaS hosted endpoint inherited the warn SQLi default introduced in v6.2.0, allowing SQL-injection-shaped requests to pass governance to the LLM. Self-hosted deployments were unaffected unless they manually changed the default. Affected: < 7.5.0 (try.getaxonflow.com only). Patched: >= 7.5.0. CWE-89.

Untrusted input alters a database query, allowing the attacker to read or modify data the query was not intended to access. Typical impact: data disclosure or modification.

GHSA-9H64-2846-7X7F has a CVSS score of 9.1 (Critical). The vector is network-reachable, low privileges required, and no user interaction. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment. A fixed version is available (7.5.0); upgrading removes the vulnerable code path.

Affected versions

github.com/getaxonflow/axonflow (< 7.5.0)

Security releases

github.com/getaxonflow/axonflow → 7.5.0 (go)

Kodem intelligence

Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.

Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.

Remediation advice

Upgrade to AxonFlow platform v7.5.0 or later. No configuration changes are required; the upgrade is purely additive and existing API/SDK callers continue to work.

For users who can't upgrade immediately, item-specific mitigations:

  • Items 1–5: ensure the agent middleware sets X-Org-ID / X-Tenant-ID from authenticated identity at the ingress, never accepting body-supplied identity.
  • Item 8 (Community SaaS): SQLI_ACTION=block can be set explicitly via the agent task definition; v7.5.0 makes this the default.
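The ingress pattern behind the item 1–5 mitigation, as an added example and not AxonFlow's own code: middleware that derives the org from the Basic-auth identity, overwrites any caller-supplied X-Org-ID, caps the body at 1 MiB, and a handler that refuses rather than failing open when no tenant context exists. The orgByUser map and the TenantMiddleware / ExecutionOrg names are constructed for this example.

```go
package main

import (
	"context"
	"encoding/json"
	"errors"
	"io"
	"net/http"
)

type ctxKey struct{} // private context key for the authenticated org

// Constructed for this example: Basic-auth username -> tenant (real code: identity store).
var orgByUser = map[string]string{"alice": "org-a", "bob": "org-b"}

// TenantMiddleware derives the tenant from the authenticated identity, overwrites any
// caller-supplied X-Org-ID with it, caps the body at 1 MiB and puts the org in the context.
func TenantMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user, _, ok := r.BasicAuth()
		org, known := orgByUser[user]
		if !ok || !known {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		r.Header.Set("X-Org-ID", org) // overwrite; never trust the caller's value
		r.Body = http.MaxBytesReader(w, r.Body, 1<<20)
		next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), ctxKey{}, org)))
	})
}

// OrgFromContext fails closed: no tenant in the context means no scope at all.
func OrgFromContext(ctx context.Context) (string, bool) {
	org, _ := ctx.Value(ctxKey{}).(string)
	return org, org != ""
}

// ExecutionOrg returns the org a MAP execution is recorded and policy-evaluated under.
// A body-supplied org_id is only reported (bodyOverride, for alerting), never honoured.
func ExecutionOrg(r *http.Request) (org string, bodyOverride bool, err error) {
	org, ok := OrgFromContext(r.Context())
	if !ok {
		return "", false, errors.New("tenant context missing: refusing request")
	}
	var body struct{ OrgID string `json:"org_id"` }
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil && err != io.EOF {
		return "", false, err
	}
	return org, body.OrgID != "" && body.OrgID != org, nil
}
```

A non-empty bodyOverride is worth logging: it is the signal that a caller tried the item 1 override, even though the request was scoped correctly.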

Frequently Asked Questions

  1. What is GHSA-9H64-2846-7X7F? GHSA-9H64-2846-7X7F is a critical-severity SQL injection vulnerability in github.com/getaxonflow/axonflow (go), affecting versions < 7.5.0. It is fixed in 7.5.0. Untrusted input alters a database query, allowing the attacker to read or modify data the query was not intended to access.
  2. How severe is GHSA-9H64-2846-7X7F? GHSA-9H64-2846-7X7F has a CVSS score of 9.1 (Critical). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
  3. Which versions of github.com/getaxonflow/axonflow are affected by GHSA-9H64-2846-7X7F? github.com/getaxonflow/axonflow (go) versions < 7.5.0 are affected.
  4. Is there a fix for GHSA-9H64-2846-7X7F? Yes. GHSA-9H64-2846-7X7F is fixed in 7.5.0. Upgrade to this version or later.
  5. Is GHSA-9H64-2846-7X7F exploitable, and should I be worried? Whether GHSA-9H64-2846-7X7F is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk.
  6. What actually determines whether GHSA-9H64-2846-7X7F is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
  7. How do I fix GHSA-9H64-2846-7X7F? Upgrade github.com/getaxonflow/axonflow to 7.5.0 or later.
