CVE-2026-42072
Severity: CRITICAL
Nornicdb: Improper Network Binding in NornicDB Bolt Server allows unauthorized remote access
Nornicdb is a distributed, low-latency graph+vector database with temporal MVCC, offering sub-millisecond HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag (and the NORNICDB_ADDRESS environment variable / server.host config key) is plumbed through to the HTTP server correctly but never reaches the Bolt server config. The Bolt listener therefore always binds to the wildcard address (all interfaces), regardless of what the user configures. On a LAN, this exposes the graph database, together with its default admin:password credentials, to any device sharing the network. This issue has been patched in version 1.0.42-hotfix.
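The config-plumbing defect described above, and the check a deployment test can run against it, as an added example that is not NornicDB's own code (the Config type and function names are assumptions): the vulnerable path honours the configured address for HTTP but hard-codes the Bolt host, and the check inspects the socket that was actually bound rather than trusting the configuration string.

```go
package main

import (
	"fmt"
	"net"
)

// Config stands in for the advisory's single user-facing address setting
// (--address / NORNICDB_ADDRESS / server.host). Field names are assumed,
// not NornicDB's real config type.
type Config struct {
	Address  string
	HTTPPort int
	BoltPort int
}

// ListenAddrsVulnerable mirrors the plumbing defect the advisory describes:
// the HTTP address honours cfg.Address while the Bolt address is built from
// a hard-coded wildcard host, so the Bolt listener ignores the setting.
func ListenAddrsVulnerable(cfg Config) (httpAddr, boltAddr string) {
	httpAddr = net.JoinHostPort(cfg.Address, fmt.Sprint(cfg.HTTPPort))
	boltAddr = net.JoinHostPort("0.0.0.0", fmt.Sprint(cfg.BoltPort)) // bug
	return httpAddr, boltAddr
}

// ListenAddrsFixed derives both hosts from the same configured value.
func ListenAddrsFixed(cfg Config) (httpAddr, boltAddr string) {
	httpAddr = net.JoinHostPort(cfg.Address, fmt.Sprint(cfg.HTTPPort))
	boltAddr = net.JoinHostPort(cfg.Address, fmt.Sprint(cfg.BoltPort))
	return httpAddr, boltAddr
}

// ExposedOnAllInterfaces binds addr and reports whether the socket ended up
// on an unspecified (wildcard) address. Inspecting the bound socket rather
// than the config string is what catches this class of bug. Go may open a
// dual-stack socket for "0.0.0.0", so ln.Addr() can read "[::]"; IsUnspecified
// covers both forms.
func ExposedOnAllInterfaces(addr string) (bool, error) {
	ln, err := net.Listen("tcp", addr)
	if err != nil {
		return false, err
	}
	defer ln.Close()
	host, _, err := net.SplitHostPort(ln.Addr().String())
	if err != nil {
		return false, err
	}
	ip := net.ParseIP(host)
	return ip == nil || ip.IsUnspecified(), nil
}
```

Run the check with port 0 so the OS picks a free port; with Address set to 127.0.0.1 the vulnerable Bolt address still reports a wildcard bind while the fixed one does not.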
References (3)
- Advisory (confirm): https://github.com/orneryd/NornicDB/security/advisories/GHSA-2hp7-65r3-wv54
- Fix commit: https://github.com/orneryd/NornicDB/commit/adce4f9a9fc7b6aada07c0bfa2d737cd7a6efaca
- Release: https://github.com/orneryd/NornicDB/releases/tag/v1.0.42
Scores
CVSS v3: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
EPSS: 0.0044
EPSS Percentile: 34.8%
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: yes
Technical Impact: total
Details
CWE: CWE-1392
Status: published
Products (2)
- orneryd/nornicdb (Go): 0 to < 1.0.42-hotfix
- orneryd/NornicDB: < 1.0.42-hotfix
Published: May 08, 2026
Tracked Since: May 08, 2026