CVE-2026-61740 in LightRAG
Summary
by MITRE • 07/15/2026
LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, when LightRAG is deployed with LIGHTRAG_API_KEY set but AUTH_ACCOUNTS unset, X-API-Key protection can be bypassed because lightrag/api/auth.py falls back to a hardcoded DEFAULT_TOKEN_SECRET, /auth-status and /login can mint guest JWTs, and combined_dependency in lightrag/api/utils_api.py accepts a valid guest token before checking the API key. A remote unauthenticated attacker can call endpoints guarded by combined_auth, including document read, upload, deletion, graph mutation, and query endpoints. This vulnerability is fixed in 1.5.4.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 07/15/2026
The LightRAG vulnerability represents a critical authentication bypass flaw that undermines the security posture of the retrieval-augmented generation system. This issue affects versions prior to 1.5.4 and stems from a flawed authorization mechanism that fails to properly validate API key credentials when specific environment variables are configured incorrectly. The vulnerability manifests when the LIGHTRAG_API_KEY environment variable is set while AUTH_ACCOUNTS remains unset, creating a dangerous configuration state that allows unauthorized access to protected endpoints.
The technical implementation of this vulnerability resides in the authentication module located at lightrag/api/auth.py where the system exhibits fallback behavior to a hardcoded DEFAULT_TOKEN_SECRET when proper account authentication is not configured. This hardcoded secret serves as a security weakness that can be exploited by attackers who understand the system's internal workings. The authentication system also permits the creation of guest JWT tokens through the /auth-status and /login endpoints, which should normally be restricted but are made accessible to unauthenticated users in this vulnerable configuration.
The operational impact of this vulnerability extends across multiple attack vectors within the LightRAG system, as the combined_dependency function in lightrag/api/utils_api.py accepts valid guest tokens before performing API key validation checks. This ordering flaw creates a window where attackers can authenticate using guest credentials and subsequently access endpoints that should only be available to authenticated users with proper API keys. The exposed endpoints include document read operations, file upload capabilities, deletion functions, graph mutation interfaces, and query processing endpoints, all of which can be accessed without proper authorization.
This vulnerability aligns with CWE-287 which addresses improper authentication issues in software systems, specifically targeting the failure to validate credentials properly and the use of hardcoded secrets that can be discovered through reverse engineering or social engineering attacks. The attack pattern follows principles outlined in the MITRE ATT&CK framework under T1078 for valid accounts and T1566 for credential harvesting, as attackers can exploit the misconfiguration to obtain unauthorized access to sensitive data and system functionality. The vulnerability represents a classic case of privilege escalation through improper authentication flow control where guest access is granted before proper API key verification occurs.
The fix implemented in version 1.5.4 addresses this by ensuring that API key validation occurs before guest token acceptance, thereby breaking the authentication bypass chain. This remediation enforces proper credential verification order and prevents the fallback to hardcoded secrets when proper authentication mechanisms are available but misconfigured. System administrators should verify that both LIGHTRAG_API_KEY and AUTH_ACCOUNTS environment variables are properly configured according to security best practices to prevent this vulnerability from manifesting in production environments.