LightRAG: Hardcoded JWT Signing Secret Allows Authentication Bypass
Description
Subject: Security Vulnerability Report: Hardcoded JWT Secret (CVE-2026-30762)
Hi HKUDS team,
I'm writing to report a security vulnerability I discovered in LightRAG v1.4.10. This has been assigned CVE-2026-30762 by MITRE.
Vulnerability: Hardcoded JWT signing secret
Type: Improper Authentication (CWE-287)
Severity: High
Attack Vector: Remote / Unauthenticated
Summary: The file lightrag/api/config.py (line 397) uses a default JWT secret "lightrag-jwt-default-secret" when the TOKEN_SECRET environment variable is not set. The AuthHandler in lightrag/api/auth.py (lines 24-25) uses this secret to sign and verify tokens. An unauthenticated attacker can forge valid JWT tokens using the publicly known default secret and gain access to any protected endpoint.
Reproduction:
1. Install LightRAG v1.4.10 with AUTH_ACCOUNTS configured but no TOKEN_SECRET set
2. Use PyJWT to sign a token: jwt.encode({"sub": "admin", "role": "user"}, "lightrag-jwt-default-secret", algorithm="HS256")
3. Send a request to any protected endpoint with the header: Authorization: Bearer <forged_token>
4. Access is granted without valid credentials
Suggested Fix: Require TOKEN_SECRET to be explicitly set when AUTH_ACCOUNTS is configured. Refuse to start the API server if authentication is enabled but no custom secret is provided.
I'm following a 90-day responsible disclosure timeline from today's date. Please let me know if you have any questions or need additional information.
Best regards, Venkata Avinash Taduturi
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
LightRAG v1.4.10 uses a hardcoded JWT secret 'lightrag-jwt-default-secret' allowing unauthenticated attackers to forge tokens and bypass authentication.
Vulnerability
Description
LightRAG v1.4.10 contains a hardcoded JWT signing secret in lightrag/api/config.py at line 397. When the TOKEN_SECRET environment variable is not set, the library defaults to the static string lightrag-jwt-default-secret. The AuthHandler in lightrag/api/auth.py (lines 24-25) uses this secret to sign and verify JSON Web Tokens, making it possible for anyone who knows the secret to create valid tokens [1][2].
Exploitation
An unauthenticated attacker can exploit this by generating a JWT token using the publicly known default secret. For example, using PyJWT:

```python
import jwt

jwt.encode({"sub": "admin", "role": "user"}, "lightrag-jwt-default-secret", algorithm="HS256")
```
The resulting token can be included in the Authorization header of requests to protected endpoints. Since the server uses the same secret for verification, the forged token is accepted as valid, granting access without proper credentials [2].
Impact
Successful exploitation results in authentication bypass, allowing an attacker to access any API endpoint that requires authentication. This could lead to unauthorized data access, modification, or other actions depending on the permissions of the forged token's claims.
Mitigation
No official patch has been released as of the advisory date. The recommended fix is to require the TOKEN_SECRET environment variable to be explicitly set when AUTH_ACCOUNTS is configured, and to refuse server startup if a custom secret is not provided [2]. Users should set a strong, unique secret and never rely on the default value.
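The startup check the mitigation describes, written here as an added illustration rather than code from the LightRAG project. It assumes the same environment variable names the advisory uses (AUTH_ACCOUNTS, TOKEN_SECRET) and the default string it names; the function names and the 32-byte minimum are assumptions of this example.

```python
import os
import secrets
from typing import Optional

# The default value the advisory describes (lightrag/api/config.py). A deployment
# still using it must be treated as effectively unauthenticated.
KNOWN_DEFAULT_SECRET = "lightrag-jwt-default-secret"
MIN_SECRET_BYTES = 32  # assumption: a 256-bit minimum for an HS256 key


class InsecureTokenSecret(RuntimeError):
    """Raised when authentication is enabled with a missing or weak secret."""


def validate_token_secret(env: dict) -> Optional[str]:
    """Return the secret to sign with, or None when authentication is disabled.

    Mirrors the advisory's suggested fix: when AUTH_ACCOUNTS is configured,
    TOKEN_SECRET must be set explicitly, must not be the public default, and
    must be long enough to serve as an HS256 key. Callers refuse to start the
    API server when InsecureTokenSecret is raised.
    """
    auth_enabled = bool(env.get("AUTH_ACCOUNTS", "").strip())
    if not auth_enabled:
        return None
    secret = env.get("TOKEN_SECRET")
    if not secret:
        raise InsecureTokenSecret("AUTH_ACCOUNTS is set but TOKEN_SECRET is missing; refusing to start")
    if secret == KNOWN_DEFAULT_SECRET:
        raise InsecureTokenSecret("TOKEN_SECRET is the publicly known default; refusing to start")
    if len(secret.encode()) < MIN_SECRET_BYTES:
        raise InsecureTokenSecret(f"TOKEN_SECRET is shorter than {MIN_SECRET_BYTES} bytes; refusing to start")
    return secret


def secret_is_acceptable(env: dict) -> bool:
    """Boolean form of validate_token_secret, convenient for a health check."""
    try:
        validate_token_secret(env)
        return True
    except InsecureTokenSecret:
        return False


def generate_token_secret() -> str:
    """Produce a value suitable for TOKEN_SECRET (64 hex chars = 32 random bytes)."""
    return secrets.token_hex(MIN_SECRET_BYTES)


if __name__ == "__main__":
    # Run the check against the real process environment at startup.
    validate_token_secret(dict(os.environ))
```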
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| lightrag-hku (PyPI) | < 1.4.13 | 1.4.13 |
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.