Raxx · internal docs


Security triage — 2026-04-27

Triage run: 2026-04-27T09:07:00Z (UTC)
Scan source: GH Actions nightly scan, workflow run auto-filed (no run ID available — scan doc absent)
Scan report: docs/security/scans/2026-04-27.md — ABSENT (recurring gap; workflow files issues but does not commit doc)
Triaged by: security-agent (claude-sonnet-4-6)


Scan report status

docs/security/scans/2026-04-27.md was not present at triage time. Same gap as 2026-04-26. Triage performed against auto-filed issues (#429–#431) plus 2026-04-26 triage doc for trend comparison.


Findings summary

Severity | Count | Disposition
CRITICAL | 0 | None
HIGH | 1 | genuine (#430) pyjwt CVE-2026-32597 — agent tooling layer
MEDIUM | 1 | downgraded (#429) Markdown DoS — auto-filer over-classified as HIGH
MEDIUM (tooling) | 1 | (#431) .gitleaks.toml allowlist — recurring noise suppression

No CRITICAL findings. No Slack page sent.


HIGH findings

#430 — CVE-2026-32597 in pyjwt@2.10.1

Verdict: GENUINE HIGH. Actionable.

Context: PR #419 (merged 2026-04-27T08:23Z) bumped pyjwt from 2.8.0 to 2.10.1 to close #400. However, the fix version for CVE-2026-32597 is 2.12.0. The bump was insufficient — the CVE was introduced after 2.10.1 was pinned, or the fix version was not known at the time of #419.

Package location: scripts/agents/requirements.txt line 1 only. NOT in backend_v2/requirements.txt or console/requirements.txt. Blast radius: agent-tooling layer exclusively.

Advisory (verified): CVE-2026-32597 / GHSA-752w-5fwx-jx9f — PyJWT fails to validate the crit (Critical) Header Parameter per RFC 7515 §4.1.11. Library accepts JWS tokens listing unknown critical extensions instead of rejecting them. CVSS 7.5 HIGH. CWE-345/CWE-863. Fix: upgrade to pyjwt[crypto]==2.12.0.

Remediation: Bump scripts/agents/requirements.txt: pyjwt[crypto]==2.10.1 → pyjwt[crypto]==2.12.0.

Routing: feature-developer (area:devops). One-line bump; can be merged same day.

Triage comment posted: https://github.com/MooseQuest/TradeMasterAPI/issues/430#issuecomment-4327642780


MEDIUM findings

#429 — GHSA-5wmx-573v-2qwq in Markdown==3.8

Verdict: GENUINE MEDIUM. Auto-filer over-classified as HIGH — corrected.

Context: PR #419 bumped Markdown from 3.7 to 3.8 to close #399. Fix version is 3.8.1. Same partial-fix pattern as #430.

Package location: console/requirements.txt. Not in backend_v2.

Advisory (verified): GHSA-5wmx-573v-2qwq / CVE-2025-69534 — Python-Markdown unhandled AssertionError DoS via malformed HTML-like input. GHSA severity: Moderate. CVSS 5.5. Impact: availability (DoS) only. Fix: Markdown==3.8.1.

Severity correction: Label changed from severity:high to severity:medium-low. GHSA rates this Moderate (CVSS 5.5) — below the CVSS ≥ 7.0 HIGH threshold per agent spec. Console is not yet live; real-world exposure is zero today.

Remediation: Bump console/requirements.txt: Markdown==3.8 → Markdown==3.8.1. Can be bundled with the console dep-hygiene pass.

Routing: feature-developer (area:console).

Triage comment posted: https://github.com/MooseQuest/TradeMasterAPI/issues/429#issuecomment-4327644566


#431 — .gitleaks.toml allowlist

Verdict: MEDIUM tooling. No triage action required today.

Pre-existing tracking issue for the recurring gitleaks false-positives. No new false-positive CRITICAL findings today — the gitleaks noise did not re-fire in this scan cycle.

Routing: feature-developer (area:devops). Ready-for-dev.


Carry-forward HIGHs (open, no change today)

Issue | Area | Summary | Days open
#378 | frontend (Antlers) | Production source map publicly served at raxx.app | 2
#307–#312 | console | cryptography/pyopenssl/flask dep HIGHs (baseline) | 2
#313–#320 | frontend (Antlers) | npm audit (react-scripts, workbox, serialize-javascript) | 2
#252 | infra | Heroku origin bypass (CF-Connecting-IP enforcement) | >3
#305, #306 | backend-v2, console | bandit B104 bind-all-interfaces | 2

No regressions on any carry-forward issue. No new fixes merged to close them since 2026-04-26 triage.


Slack DM status

No CRITICAL findings this run. No Slack page required.

SLACK_BOT_TOKEN confirmed present in agent environment (resolved via #413 wire_agent_env.sh). Page capability is operational for future CRITICALs.


Trend vs 2026-04-26

Metric | 2026-04-26 | 2026-04-27 | Delta
CRITICAL (genuine) | 0 (post-closure) | 0 | 0
CRITICAL (false positive noise) | 2 (gitleaks) | 0 | -2 (did not re-fire)
HIGH (new today) | 4 | 1 | -3
HIGH (total open) | 23 | 22 (net: #430 added, #400 closed) | -1
MEDIUM-LOW | 1 | 2 (#429 downgraded to medium-low, #431) | +1

Pattern: PR #419 partially resolved prior HIGH findings but introduced a residual gap — pyjwt and Markdown were bumped to non-fix versions. Both now triaged with correct remediation targets.


Actions taken this run

  1. Confirmed UTC date: 2026-04-27
  2. Confirmed no docs/security/scans/2026-04-27.md (recurring workflow gap)
  3. Read baseline docs/security/scans/2026-04-25.md and docs/security/triage/2026-04-26.md for trend context
  4. Read auto-filed issues #429, #430, #431
  5. Verified CVE-2026-32597 via NVD + GHSA-752w-5fwx-jx9f (confirmed CVSS 7.5 HIGH, fix=2.12.0)
  6. Verified GHSA-5wmx-573v-2qwq via GitHub advisories (confirmed Moderate/CVSS 5.5, fix=3.8.1)
  7. Located pyjwt in scripts/agents/requirements.txt only — confirmed scope is agent tooling
  8. Located Markdown in console/requirements.txt only — confirmed scope is console
  9. Checked #399 and #400 (prior pyjwt/Markdown issues) — both CLOSED (partial fix from #419)
  10. Checked #377 (Alpaca credentials) — CLOSED
  11. Checked #281 (CF token expiry) — CLOSED
  12. Posted triage comment on #430 with verified evidence, risk, remediation
  13. Posted triage comment on #429 with verified evidence, severity correction
  14. Relabeled #429 from severity:high to severity:medium-low
  15. Confirmed no CRITICAL open issues — no Slack page sent

Tooling gaps (recurring)

  1. No docs/security/scans/2026-04-27.md — workflow must commit scan output file, not just file issues. Ongoing gap.
  2. .gitleaks.toml allowlist absent — tracked at #431. Did not re-fire today but remains a nightly risk.
  3. Infisical rotation-cadence read not automated: last_rotated_at per credential still unread. No new rotation flags this run.
  4. #419 partial-fix pattern — dep bumps that don't reach the exact fix version create next-day residual HIGHs. Recommend CI gating with pip-audit/npm-audit on PRs to catch this before merge.
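
A minimal check for the #419 partial-fix pattern, as an added example (not this repository's CI and not a substitute for pip-audit, which works from live advisory data). It assumes exact `==` pins with plain numeric versions; the fix versions are the ones stated in this doc, and the function names and sample requirement strings are constructed.

```python
import re

# Fix versions as stated in this triage doc: package -> (advisory, first fixed version).
FIX_FLOORS = {
    "pyjwt": ("CVE-2026-32597", "2.12.0"),
    "markdown": ("GHSA-5wmx-573v-2qwq", "3.8.1"),
}

# name, optional [extras], exact pin, optional trailing comment. Other specifiers are skipped.
PIN = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?"
                 r"\s*==\s*(\d+(?:\.\d+)*)\s*(?:#.*)?$")

def normalize(name):
    """PEP 503 name normalization, so Markdown and markdown compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def below(pinned, floor):
    """Numeric comparison of release segments; 3.8 is treated as 3.8.0."""
    a = tuple(int(p) for p in pinned.split("."))
    b = tuple(int(p) for p in floor.split("."))
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

def residual_findings(requirements_text, floors=FIX_FLOORS):
    """Return (line, package, pinned, fixed_in, advisory) for pins short of the fix."""
    findings = []
    for lineno, line in enumerate(requirements_text.splitlines(), 1):
        match = PIN.match(line)
        if not match:
            continue
        name, pinned = normalize(match.group(1)), match.group(2)
        if name in floors and below(pinned, floors[name][1]):
            advisory, fixed_in = floors[name]
            findings.append((lineno, name, pinned, fixed_in, advisory))
    return findings

# Constructed file contents: the pins left by #419, then the pins after remediation.
AGENTS_AFTER_419 = "pyjwt[crypto]==2.10.1\n"
CONSOLE_AFTER_419 = "# console deps\nMarkdown==3.8\n"
AFTER_REMEDIATION = "pyjwt[crypto]==2.12.0\nMarkdown==3.8.1\n"
```

A PR gate would fail the build whenever `residual_findings` returns a non-empty list for any changed requirements file.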