{"data":{"id":"01191ab6-842d-4e5e-b2d8-823ee3e7b41d","title":"GHSA-w3hv-x4fp-6h6j: @grackle-ai/server has Missing WebSocket Origin Header Validation","summary":"The Grackle AI server has a security flaw where its WebSocket upgrade handler (a protocol for real-time two-way communication) doesn't check the Origin header, which identifies where a connection request comes from. This allows a malicious webpage to hijack a WebSocket connection if a user is logged in, potentially letting an attacker see real-time session data and task updates through cross-origin WebSocket hijacking (an attack where a different website tricks your browser into connecting to an unintended service).","solution":"Validate the `req.headers.origin` against an allowlist before accepting WebSocket connections. The patch provided in the source shows checking that the origin contains either 'localhost' or '127.0.0.1', and closing the connection with code 4003 if it doesn't match. As a workaround, ensure the Grackle server is only accessible on 127.0.0.1 (the default) and do not use `--allow-network` in untrusted network environments.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-w3hv-x4fp-6h6j","publishedAt":"2026-03-25T17:27:48.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":["@grackle-ai/server@<= 0.70.2 (fixed: 0.70.3)"],"affectedVendors":[],"affectedVendorsRaw":["Grackle AI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-03-25T17:27:48.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}