ByteOS Network

CVE Vulnerability Details :

CVE-2026-42889

PUBLISHED

More Info Official Page

Assigner-GitHub_M

Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa

Published At-12 May, 2026 | 19:30

Updated At-12 May, 2026 | 19:30

▼CVE Numbering Authority (CNA)

Relay Server WebSocket authentication bypass when token is omitted

Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured, WebSocket connections without a token query parameter were incorrectly treated as having full server permissions. An unauthenticated network attacker who knows or guesses a document ID could connect to the document sync WebSocket and read or modify document contents without a valid document token. This vulnerability is fixed in 0.9.7.

Affected Products

Vendor

No-Instructions

Product

relay-server

Versions

Affected

>= 0.9.0, < 0.9.7

Problem Types

Type	CWE ID	Description
CWE	CWE-863	CWE-863: Incorrect Authorization
CWE	CWE-639	CWE-639: Authorization Bypass Through User-Controlled Key

Type: CWE

CWE ID: CWE-863

Description: CWE-863: Incorrect Authorization

Type: CWE

CWE ID: CWE-639

Description: CWE-639: Authorization Bypass Through User-Controlled Key

Metrics

Version	Base score	Base severity	Vector
3.1	9.1	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Version: 3.1

Base score: 9.1

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References

Hyperlink	Resource
https://github.com/No-Instructions/relay-server/security/advisories/GHSA-9vp9-8q9j-8mqm	x_refsource_CONFIRM

Hyperlink: https://github.com/No-Instructions/relay-server/security/advisories/GHSA-9vp9-8q9j-8mqm

Resource:

x_refsource_CONFIRM

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References