How is CVE-2026-8335 exploited?

Network reachability (info): The attacker must be on an adjacent network segment, such as a LAN or VPN, to reach the Aix-DB service; remote internet-based exploitation is not indicated by the AV:A vector. Authentication (not-required): No credentials or session token of any kind are needed; the affected endpoint performs no token validation. Victim interaction (not-required): The attacker sends requests directly to the endpoint; no action by a logged-in user or administrator is required. Attack complexity (info): The exploit is reliable and condition-free, requiring no race conditions, memory-layout knowledge, or environmental prerequisites.

What is the impact of CVE-2026-8335?

The attacker can read all data stored in the database by issuing arbitrary SELECT queries through the unauthenticated endpoint. Sensitive records such as user credentials, session tokens, application configuration, and any LLM-related output stored in the database are directly readable. Because integrity and availability impact tokens are None, the attacker cannot modify or delete data, and the service itself is not disrupted by this exploit path.

Back to search

HIGHCVE-2026-8335Published 2026-06-10Modified 2026-06-10CNA CERT-PL

CVE-2026-8335: Missing authentication in Aix-DB

A missing authentication check on the Aix‑DB "/llm/process_llm_out" endpoint allows unauthenticated clients to execute arbitrary "SELECT" SQL queries and retrieve database data, as the endpoint lacks the token validation enforced on all other application endpoints. All releases up to 1.2.4 are considered vulnerable. Status of next releases is unknown as the vulnerability has not been addressed by any patch.

CVSS v4.0: 7.1
Severity: HIGH
Fixed in: —
Affected Products: 1

HarborGuard Analysis

Synopsis

Missing authentication on a specific API endpoint in Aix-DB allows any client reachable over the local network or adjacent segment to issue arbitrary SELECT queries without supplying credentials. The "/llm/process_llm_out" endpoint skips the token validation applied to every other route, meaning an attacker with network access can query the database directly. Successful exploitation gives the attacker full read access to database contents. No patch is currently available; HarborGuard tracks the advisory for fix availability.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images, including custom-built images that bundle Aix-DB at version 1.2.4 or earlier. Any image found running an affected release is flagged immediately in the pipeline scan results.

Available

Triage

HarborGuard is capable of scoring this finding at CVSS 7.1 (High) and weighting it further against each environment's compliance policy, such as data-classification rules or network-exposure tiers. Triage routing is available to direct the alert to the right team inbox within each customer organization.

Available

Patch

No upstream fix version has been published for this CVE. HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment an upstream fix is released. For customers who opt into auto-remediation, the rebuild, regression run, and PR against affected workloads will be triggered without manual intervention once a fix version appears.

Pending upstream

Exploit Conditions

Network reachabilityDetail
The attacker must be on an adjacent network segment, such as a LAN or VPN, to reach the Aix-DB service; remote internet-based exploitation is not indicated by the AV:A vector.
AuthenticationNot required
No credentials or session token of any kind are needed; the affected endpoint performs no token validation.
Victim interactionNot required
The attacker sends requests directly to the endpoint; no action by a logged-in user or administrator is required.
Attack complexityDetail
The exploit is reliable and condition-free, requiring no race conditions, memory-layout knowledge, or environmental prerequisites.

Blast Radius

The attacker can read all data stored in the database by issuing arbitrary SELECT queries through the unauthenticated endpoint.
Sensitive records such as user credentials, session tokens, application configuration, and any LLM-related output stored in the database are directly readable.
Because integrity and availability impact tokens are None, the attacker cannot modify or delete data, and the service itself is not disrupted by this exploit path.

How HarborGuard Handles This

Available on HarborGuard: detection for this CVE is active against all scanned images containing Aix-DB 1.2.4 or earlier, with results surfaced in pipeline and registry scans within minutes of ingestion. Because no upstream patch exists, HarborGuard monitors the advisory on every ingest cycle and will make a patched-image rebuild available the moment a fix version is published. Where compliance policy permits, customers with auto-remediation enabled will have the rebuild triggered, a regression test run, and a PR opened against affected workloads automatically at that point. In the interim, compensating controls worth considering include network-policy rules that restrict adjacency to the Aix-DB service to trusted sources only, egress filtering to limit lateral query exposure, and disabling or firewall-blocking the "/llm/process_llm_out" route at the ingress or service-mesh layer if the endpoint is not required in production.

See how HarborGuard automates this

Affected packages

Aix-DB / Aix-DB
≤ 1.2.4

CVSS Vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

References

Metrics

Get notified