VYPR

PyPI package

aegra-api

pkg:pypi/aegra-api

Vulnerabilities (1)

  • CVE-2026-44504HigMay 14, 2026
    affected >= 0.9.0, < 0.9.7fixed 0.9.7

    Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's thread_id, can execute graph runs against the user's thread, re