GHSA-xhv3-q4xx-349r: stistigmem-node: quarantine review surface exposes and mutates other tenants' quarantined facts (cross-tenant BOLA)

June 19, 2026

On a multi-tenant stigmem node, a tenant administrator could list, read, and admit or reject quarantined facts belonging to other tenants. The list/count queries and _get_quarantined_fact in routes/quarantine.py lacked an f.tenant_id = identity.tenant_id predicate, and the garden lookup was not tenant-scoped — reached via the /v1/quarantine list and admit/reject endpoints.

References

github.com/advisories/GHSA-xhv3-q4xx-349r
github.com/eidetic-labs/stigmem/pull/728
github.com/eidetic-labs/stigmem/security/advisories/GHSA-xhv3-q4xx-349r

Code Behaviors & Features

Detect and mitigate GHSA-xhv3-q4xx-349r with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →