GHSA-6gqw-jqv7-v88m: stigmem-node: decay sweep expires and counts facts across all tenants (cross-tenant BOLA)

June 19, 2026

On a multi-tenant stigmem node, a caller holding a write credential for one tenant can run a decay sweep that acts on every tenant’s facts. The candidate-selection queries in lifecycle/decay.py (_select_ttl_candidates, _select_confidence_candidates) carried no tenant_id predicate, and the caller’s tenant was not threaded into the sweep or its async worker (run_decay_sweep / _decay_job_worker), reached via POST /v1/decay/sweep.

References

github.com/advisories/GHSA-6gqw-jqv7-v88m
github.com/eidetic-labs/stigmem/pull/728
github.com/eidetic-labs/stigmem/security/advisories/GHSA-6gqw-jqv7-v88m

Code Behaviors & Features

Detect and mitigate GHSA-6gqw-jqv7-v88m with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →