{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/axonflow-platform/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["axonflow platform","try.getaxonflow.com","github.com/getaxonflow/axonflow"],"_cs_severities":["critical"],"_cs_tags":["multi-tenancy","access-control","SQL injection","denial of service","vulnerability"],"_cs_type":"advisory","_cs_vendors":["AxonFlow","GitHub"],"content_html":"\u003cp\u003eA consolidated advisory addresses eight independently-filed bug fixes in AxonFlow platform versions before 7.5.0, resolving multi-tenant isolation, access-control, and policy-enforcement defects. Exploitation of these vulnerabilities could allow attackers to bypass authentication, access sensitive data across tenants, or cause a denial of service. The vulnerabilities include MAP execution multi-tenant isolation (CWE-863), cross-tenant audit-log leaks (CWE-200, CWE-863), license-validation bypass (CWE-862), tenant-scope fail-open (CWE-862), internal-service auth fallback bypass (CWE-863), login timing/org-existence disclosure (CWE-208), portal DoS via unbounded request body (CWE-770), and SQL-injection on the Community SaaS hosted endpoint (CWE-89). The vulnerabilities were identified during an internal security review by AxonFlow in April 2026. The primary remediation is to upgrade to AxonFlow platform version 7.5.0 or later.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eInitial Access:\u003c/strong\u003e An attacker exploits the license-validation bypass on the \u003ccode\u003e/onboard-customer\u003c/code\u003e endpoint to gain unauthenticated access to the onboarding flow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrivilege Escalation:\u003c/strong\u003e The attacker leverages the MAP execution multi-tenant isolation vulnerability by providing a malicious \u003ccode\u003eorg_id\u003c/code\u003e in the request body to override the authenticated organization ID.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDefense Evasion:\u003c/strong\u003e The attacker bypasses the \u003ccode\u003eapiAuthMiddleware\u003c/code\u003e using the internal-service auth fallback in Evaluation/Enterprise builds, gaining unauthorized access to internal services.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInformation Disclosure:\u003c/strong\u003e The attacker exploits the cross-tenant audit-log leak via the \u003ccode\u003e/api/v1/evidence/*\u003c/code\u003e and \u003ccode\u003e/api/v1/decisions/*/explain\u003c/code\u003e handlers to access sensitive audit logs from other tenants.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDiscovery:\u003c/strong\u003e The attacker enumerates valid organizations by observing the different timing and response bodies returned by the login handler for invalid organization versus invalid password attempts.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDenial of Service:\u003c/strong\u003e The attacker sends an unbounded request body to the portal, exhausting server memory and causing a denial-of-service condition.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSQL Injection (Community SaaS):\u003c/strong\u003e An attacker crafts SQL-injection-shaped requests to the Community SaaS hosted endpoint (\u003ccode\u003etry.getaxonflow.com\u003c/code\u003e), bypassing governance and potentially influencing the LLM with malicious queries.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImpact:\u003c/strong\u003e Successful exploitation allows unauthorized access to tenant data, policy manipulation, denial-of-service, and potential control over the LLM in the Community SaaS environment.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe vulnerabilities collectively pose a significant risk to AxonFlow platform users, particularly those in multi-tenant environments. Successful exploitation of these vulnerabilities could lead to unauthorized access to sensitive data, policy manipulation, denial of service, and in the case of the Community SaaS platform, SQL injection leading to potential LLM compromise. The audit-log leaks could expose confidential business operations. The portal DoS could disrupt service availability, impacting critical business processes. The SQL-injection vulnerability on try.getaxonflow.com allows attackers to inject malicious queries. Upgrading to version 7.5.0 or later is the primary mitigation step.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to AxonFlow platform version 7.5.0 or later to remediate all identified vulnerabilities.\u003c/li\u003e\n\u003cli\u003eFor those unable to upgrade immediately, ensure the agent middleware sets \u003ccode\u003eX-Org-ID\u003c/code\u003e / \u003ccode\u003eX-Tenant-ID\u003c/code\u003e from authenticated identity at the ingress, never accepting body-supplied identity (mitigates Items 1–5).\u003c/li\u003e\n\u003cli\u003eFor Community SaaS users unable to upgrade immediately, set \u003ccode\u003eSQLI_ACTION=block\u003c/code\u003e explicitly via the agent task definition to mitigate the SQL-injection vulnerability (Item 8).\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for abnormally large request bodies targeting the AxonFlow portal, indicative of potential DoS attempts (CWE-770).\u003c/li\u003e\n\u003cli\u003eDeploy a web application firewall (WAF) to filter SQL-injection attempts targeting the \u003ccode\u003etry.getaxonflow.com\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-07T14:00:00Z","date_published":"2026-05-07T14:00:00Z","id":"/briefs/2026-05-axonflow-multitenant-vulns/","summary":"Multiple vulnerabilities in AxonFlow platform versions prior to 7.5.0, including multi-tenant isolation issues and SQL injection, could lead to unauthorized access, information disclosure, denial of service, and other security impacts; AxonFlow v7.5.0 resolves these issues.","title":"AxonFlow Platform Multi-Tenant Isolation and Access Control Vulnerabilities","url":"https://feed.craftedsignal.io/briefs/2026-05-axonflow-multitenant-vulns/"}],"language":"en","title":"CraftedSignal Threat Feed — Axonflow Platform","version":"https://jsonfeed.org/version/1.1"}