HIGH | CVE-2026-45296 | CNA: GitHub_M

CVE-2026-45296: OpenReplay: Cross-tenant information disclosure in app_apikey projectKey routes via missing tenant binding

OpenReplay is a self-hosted session replay suite. Prior to 1.26.0, OpenReplay's Python API exposes several app_apikey routes that trust a caller-provided projectKey after validating only that the API key itself is valid and that the target projectKey exists. The authorization flow does not verify that the authenticated API key and the requested project belong to the same tenant. Because the public tracker design exposes projectKey to browser-side code, an attacker who owns any valid API key for their own tenant can target another tenant's project by reusing that public projectKey. The vulnerable routes allow the attacker to enumerate victim user sessions and then retrieve sensitive session event data across the tenant boundary. This vulnerability is fixed in 1.26.0.
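As an added illustration (not OpenReplay's own code), the following Python models the authorization gap the advisory describes and the tenant-binding check that closes it. All names (ApiKey, Project, API_KEYS, PROJECTS, authorize_vulnerable, authorize_fixed) and the sample data are assumptions constructed for this demo.

```python
# Added example, not OpenReplay code: model of the missing tenant binding in
# the app_apikey projectKey routes and the hardened check. All names are assumed.
from dataclasses import dataclass


@dataclass(frozen=True)
class ApiKey:
    key: str
    tenant_id: int


@dataclass(frozen=True)
class Project:
    project_key: str   # public: shipped to browsers inside the tracker snippet
    tenant_id: int


# Constructed sample data: two unrelated tenants on one deployment.
API_KEYS = {
    "key-tenant-a": ApiKey("key-tenant-a", tenant_id=1),
    "key-tenant-b": ApiKey("key-tenant-b", tenant_id=2),
}
PROJECTS = {
    "pk-tenant-a": Project("pk-tenant-a", tenant_id=1),
    "pk-tenant-b": Project("pk-tenant-b", tenant_id=2),
}


class AuthorizationError(Exception):
    pass


def authorize_vulnerable(api_key: str, project_key: str) -> Project:
    """Pre-1.26.0 pattern per the advisory: the key is checked for validity and
    the project for existence, but the two are never bound to one tenant."""
    if api_key not in API_KEYS:
        raise AuthorizationError("invalid API key")
    project = PROJECTS.get(project_key)
    if project is None:
        raise AuthorizationError("unknown project")
    return project  # caller may now read sessions of *any* tenant's project


def authorize_fixed(api_key: str, project_key: str) -> Project:
    """Hardened form: resolve the project only within the caller's tenant.
    Existence and ownership are checked together, so a foreign projectKey
    is indistinguishable from a non-existent one."""
    caller = API_KEYS.get(api_key)
    if caller is None:
        raise AuthorizationError("invalid API key")
    project = PROJECTS.get(project_key)
    if project is None or project.tenant_id != caller.tenant_id:
        raise AuthorizationError("unknown project")  # same error for both cases
    return project
```

The point to check in a real codebase is that every projectKey lookup on an API-key route is scoped by the key's tenant, not performed as a global existence check.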

HarborGuard Analysis

Synopsis

Cross-tenant information disclosure in OpenReplay's Python API affects all deployments running versions prior to 1.26.0. The vulnerability is reachable over the network by any authenticated API key holder, with no victim interaction needed; the API skips verifying that the caller's API key and the requested project belong to the same tenant. A successful attacker reads session lists and sensitive session event data belonging to another tenant's project. HarborGuard tracks this advisory and will make a patched-image rebuild available the moment a fix version is published upstream.

HarborGuard Coverage

Detection: Available

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images, including custom-built OpenReplay images, in both registry scans and CI pipeline checks.
Triage: Available

HarborGuard scores this issue at CVSS 7.7 HIGH, weights that score against each customer's per-environment compliance policy, and routes the finding to the appropriate team inbox within the customer org.
Patch: Pending upstream

Because no fix version has been published yet, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment upstream ships a confirmed fix. For customers with auto-remediation enabled, the rebuild, regression-test run, and PR against affected workloads will be triggered without manual intervention once that fix is available.

Exploit Conditions

  • Network reachability: Required

    The vulnerable API routes are exposed over the network, so the attacker must be able to reach the OpenReplay API service via HTTP/HTTPS.

  • Authentication: Required

    A low-privilege API key is sufficient; the attacker only needs a valid key issued to their own tenant, not an admin credential.

  • Victim interaction: Not required

    The attacker calls the API directly; no action by a victim user is needed.

  • Attack complexity: Low (CVSS AC:L)

    Exploitation is reliable and condition-free: the projectKey is exposed to browser-side code by design, so no guessing, race condition, or special environment setup is required.

Blast Radius

  • Reads the full list of user sessions belonging to another tenant's project.
  • Retrieves detailed session event data from those sessions, which may include keystrokes, clicks, form inputs, and navigation paths recorded by the OpenReplay tracker.
  • Crosses the tenant isolation boundary, meaning one customer's data is exposed to an unrelated authenticated customer on the same OpenReplay deployment.

How HarborGuard Handles This

Because no upstream fix version exists for this CVE at this time, the platform monitors the advisory on every ingest cycle and will automatically make a patched-image rebuild available the moment OpenReplay publishes a fix. Until a patch ships, compensating controls worth considering include network-policy isolation to restrict API access to known internal CIDR ranges, egress filtering to limit which services can call the app_apikey routes, and auditing API key issuance to reduce the number of active keys that could be used to probe cross-tenant routes. Where compliance policy permits, customers with auto-remediation enabled will receive a rebuilt image, a regression-test run, and a PR opened against affected workloads as soon as the upstream fix is confirmed.

Metrics

  • CVSS v3.1: 7.7
  • Severity: HIGH
  • Fixed in:
  • Affected Products: 1
  • Affected packages: openreplay / openreplay < 1.26.0
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N