Nornicdb · Nornicdb · CVE-2026-42072
**Name of the Vulnerable Software and Affected Versions**
Nornicdb versions prior to 1.0.42-hotfix
**Description**
The Bolt listener always binds to the wildcard address (all interfaces), regardless of the user configuration. This occurs because the `--address` CLI flag, the `NORNICDB_ADDRESS` environment variable, and the `server.host` configuration key are correctly applied to the HTTP server but are not passed to the Bolt server configuration. Consequently, the Bolt server uses an empty host in its listen call, which causes it to bind to all available network interfaces. On a local area network (LAN), this exposes the graph database to any device on the same network, potentially allowing unauthorized access using the default `admin:password` credentials to execute arbitrary Cypher queries.
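The following Go sketch is an added illustration of the defect and the fix, not Nornicdb's own code; `ServerConfig`, `boltAddrVulnerable`, `boltAddrFixed` and `IsWildcardBind` are hypothetical names. It shows why an empty host yields a wildcard listen address, how propagating the configured host fixes it, and a check an operator can run against a listen address to detect a wildcard bind.

```go
package main

import (
	"fmt"
	"net"
	"strconv"
)

// ServerConfig is a hypothetical struct standing in for the settings the
// advisory names: Host comes from --address / NORNICDB_ADDRESS / server.host.
type ServerConfig struct {
	Host     string
	HTTPPort int
	BoltPort int
}

// boltAddrVulnerable reproduces the defect: the configured host is never
// copied into the Bolt listener, so the address becomes ":7687" and
// net.Listen binds every interface.
func boltAddrVulnerable(cfg ServerConfig) string {
	return net.JoinHostPort("", strconv.Itoa(cfg.BoltPort))
}

// boltAddrFixed propagates the same host the HTTP listener already honours.
func boltAddrFixed(cfg ServerConfig) string {
	return net.JoinHostPort(cfg.Host, strconv.Itoa(cfg.BoltPort))
}

// IsWildcardBind reports whether a "host:port" listen address binds all
// interfaces: an empty host, "0.0.0.0" or "::" (the unspecified addresses).
func IsWildcardBind(addr string) bool {
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		return false
	}
	if host == "" {
		return true
	}
	ip := net.ParseIP(host)
	return ip != nil && ip.IsUnspecified()
}

func main() {
	cfg := ServerConfig{Host: "127.0.0.1", HTTPPort: 7474, BoltPort: 7687}
	for _, a := range []string{boltAddrVulnerable(cfg), boltAddrFixed(cfg)} {
		fmt.Printf("%-16s wildcard=%v\n", a, IsWildcardBind(a))
	}
}
```

The same `IsWildcardBind` check applies to the address reported by `ss -ltn` or `netstat -an` for port 7687 when verifying that a deployed instance listens only on the intended interface.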
**Recommendations**
Update to version 1.0.42-hotfix.
As a temporary workaround, use host-firewall rules to block non-loopback traffic to the Bolt port (default 7687).