PT-2026-37166 · Nornicdb · Nornicdb
Orneryd · Published 2026-04-22 · Updated 2026-05-20
CVE-2026-42072
CVSS v3.1 9.8 Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Nornicdb versions prior to 1.0.42-hotfix
Description
The Bolt listener always binds to the wildcard address (all interfaces), regardless of the user configuration. This occurs because the --address CLI flag, the NORNICDB_ADDRESS environment variable, and the server.host configuration key are correctly applied to the HTTP server but are not passed to the Bolt server configuration. Consequently, the Bolt server uses an empty host in its listening function, causing it to bind to all available network interfaces. On a local area network (LAN), this exposes the graph database to any device on the same network, potentially allowing unauthorized access using default admin:password credentials to execute arbitrary Cypher queries.
Recommendations
Update to version 1.0.42-hotfix.
As a temporary workaround, use host-firewall rules to block non-loopback traffic to the Bolt port (default 7687).
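The defect and its fix in miniature, plus a host-side check that the Bolt port is not wildcard-bound, as an added Go example that is not Nornicdb's own code (the function names, the loopback fallback and the `ss -ltn` sample are assumed or constructed):

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Vulnerable shape: the host from --address / NORNICDB_ADDRESS / server.host is ignored.
func boltListenAddrVulnerable(configuredHost string, port int) string {
	return net.JoinHostPort("", fmt.Sprint(port)) // ":<port>" binds every interface
}
// Fixed shape: honour the same host the HTTP server uses (loopback fallback is assumed).
func boltListenAddrFixed(configuredHost string, port int) string {
	if configuredHost == "" {
		configuredHost = "127.0.0.1"
	}
	return net.JoinHostPort(configuredHost, fmt.Sprint(port))
}
// bindsAllInterfaces is true for wildcard binds: "", "*", 0.0.0.0 or [::].
func bindsAllInterfaces(addr string) bool {
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		return false
	}
	ip := net.ParseIP(host)
	return host == "" || host == "*" || (ip != nil && ip.IsUnspecified())
}
// wildcardListenersOn scans `ss -ltn`-style output for sockets on the given
// port bound to a wildcard address, a quick host-side check for this issue.
func wildcardListenersOn(ssOutput string, port int) []string {
	var hits []string
	for _, line := range strings.Split(ssOutput, "\n") {
		f := strings.Fields(line)
		if len(f) < 4 || f[0] != "LISTEN" {
			continue
		}
		_, p, err := net.SplitHostPort(f[3])
		if err == nil && p == fmt.Sprint(port) && bindsAllInterfaces(f[3]) {
			hits = append(hits, f[3])
		}
	}
	return hits
}
// Constructed sample of `ss -ltn` output: HTTP on loopback, Bolt on wildcard.
const sampleSS = `State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      4096   127.0.0.1:7474     0.0.0.0:*
LISTEN 0      4096   0.0.0.0:7687       0.0.0.0:*
LISTEN 0      4096   [::]:7687          [::]:*`
```

Run the check against real `ss -ltn` output on the database host; any hit on 7687 means the workaround firewall rule is still needed.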
Affected Products
Nornicdb