GHSA-XQ7H-VWJP-5VRH

Vulnerability from github – Published: 2026-03-25 17:30 – Updated: 2026-03-25 17:30
VLAI
Summary
@grackle-ai/powerline Runs Without Authentication by Default
Details

Impact

When --token is not provided and GRACKLE_POWERLINE_TOKEN is not set, the PowerLine gRPC server runs with zero authentication. A warning is logged ("NO AUTH (development only)") but nothing prevents deployment in this state. Any client that can reach the PowerLine port can spawn agent sessions, access credential tokens, and execute code.

The default binding is 127.0.0.1 (loopback only), which limits exposure to the local machine. However, if PowerLine is accidentally exposed on a network (e.g., in a container or via port forwarding), the impact is critical.

Affected code: - packages/powerline/src/index.ts:46 — token defaults to empty string - packages/powerline/src/index.ts:63-76 — auth interceptor is only added when token is truthy

Patches

0.70.1

Fix: Require an explicit --no-auth flag to run without authentication, rather than defaulting to no auth when the token is empty. Throw an error if starting without a token and without --no-auth.

Workarounds

Always provide --token or set GRACKLE_POWERLINE_TOKEN when starting PowerLine. The Grackle server does this automatically when managing PowerLine lifecycle.

Resources

  • CWE-306: Missing Authentication for Critical Function
  • File: packages/powerline/src/index.ts
Severity
6.3 (Medium)
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.70.0"
      },
      "package": {
        "ecosystem": "npm",
        "name": "@grackle-ai/powerline"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.70.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-25T17:30:46Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nWhen `--token` is not provided and `GRACKLE_POWERLINE_TOKEN` is not set, the PowerLine gRPC server runs with **zero authentication**. A warning is logged (`\"NO AUTH (development only)\"`) but nothing prevents deployment in this state. Any client that can reach the PowerLine port can spawn agent sessions, access credential tokens, and execute code.\n\nThe default binding is `127.0.0.1` (loopback only), which limits exposure to the local machine. However, if PowerLine is accidentally exposed on a network (e.g., in a container or via port forwarding), the impact is critical.\n\n**Affected code:**\n- `packages/powerline/src/index.ts:46` \u2014 token defaults to empty string\n- `packages/powerline/src/index.ts:63-76` \u2014 auth interceptor is only added when token is truthy\n\n### Patches\n\n0.70.1\n\n**Fix:** Require an explicit `--no-auth` flag to run without authentication, rather than defaulting to no auth when the token is empty. Throw an error if starting without a token and without `--no-auth`.\n\n### Workarounds\n\nAlways provide `--token` or set `GRACKLE_POWERLINE_TOKEN` when starting PowerLine. The Grackle server does this automatically when managing PowerLine lifecycle.\n\n### Resources\n\n- CWE-306: Missing Authentication for Critical Function\n- File: `packages/powerline/src/index.ts`",
  "id": "GHSA-xq7h-vwjp-5vrh",
  "modified": "2026-03-25T17:30:46Z",
  "published": "2026-03-25T17:30:46Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nick-pape/grackle/security/advisories/GHSA-xq7h-vwjp-5vrh"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nick-pape/grackle"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "@grackle-ai/powerline Runs Without Authentication by Default"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.