CVE-2026-6729 Overview
HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse another user's conversation state and replace or interrupt their active tasks by colliding into the same session boundary through the shared chat or thread scope.
Critical Impact
Authenticated users in shared chat environments can hijack sessions of other participants, potentially accessing sensitive conversation state and interrupting or replacing active tasks without authorization.
Affected Products
- HKUDS OpenHarness (versions prior to PR #159 remediation)
Discovery Timeline
- 2026-04-20 - CVE-2026-6729 published to NVD
- 2026-04-21 - Last updated in NVD database
Technical Details for CVE-2026-6729
Vulnerability Analysis
This vulnerability is classified under CWE-287 (Improper Authentication), specifically manifesting as a session hijacking vulnerability through insufficient sender identity verification in the session key derivation process. The flawed implementation derives session keys using only the channel, chat ID, and optionally thread ID—without incorporating the sender's identity. This architectural oversight means that multiple users participating in the same shared chat or thread context are assigned identical session keys, allowing any authenticated participant to effectively assume another user's session context.
The attack is network-accessible and requires low privileges (authentication as a participant in the shared chat). No user interaction is required for exploitation. Impact includes unauthorized access to other users' conversation states (confidentiality), the ability to modify or replace ongoing tasks (integrity), and potential disruption of active sessions (availability).
Root Cause
The root cause lies in the session_key_for_message() function within ohmo/gateway/router.py. The original implementation constructed session keys by concatenating only channel, chat_id, and optionally thread_id without including sender identity information. This design assumes that session isolation at the chat/thread level is sufficient, but fails to account for multi-user shared environments where each participant should maintain their own independent session state.
Attack Vector
An authenticated attacker participating in a shared chat or thread can exploit this vulnerability by:
- Joining the same chat or thread as the target victim
- Sending messages that derive the same session key as the victim's active session
- Gaining access to the victim's conversation state through the resulting session key collision
- Reading, modifying, or interrupting the victim's active tasks and session data
The following code shows the vulnerable session key derivation and the applied fix:
def session_key_for_message(message: InboundMessage) -> str:
- """Route sessions by chat and thread when available."""
+ """Route sessions by sender plus chat/thread when available."""
if message.session_key_override:
return message.session_key_override
+ sender_id = str(message.sender_id).strip() or "anonymous"
thread_id = (
message.metadata.get("thread_id")
or message.metadata.get("thread_ts")
or message.metadata.get("message_thread_id")
)
if thread_id:
- return f"{message.channel}:{message.chat_id}:{thread_id}"
- return f"{message.channel}:{message.chat_id}"
+ return f"{message.channel}:{message.chat_id}:{thread_id}:{sender_id}"
+ return f"{message.channel}:{message.chat_id}:{sender_id}"
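Review bot: the fallback in `sender_id = str(message.sender_id).strip() or "anonymous"` never fires for a missing sender, because `str(None)` is `"None"` rather than an empty string; and whether the bucket is named `None` or `anonymous`, every message without a usable sender_id still lands in one shared key, which re-creates the same cross-user collision for that class of senders. Consider rejecting such messages or deriving a non-shared component (a per-message or per-connection identifier) instead of a constant. Separately, the unchanged early return on `message.session_key_override` bypasses the new sender binding entirely, so any path that can set the override on an inbound message escapes the fix.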
Source: GitHub Commit Details
Detection Methods for CVE-2026-6729
Indicators of Compromise
- Unexpected session state changes or task interruptions reported by users in shared chat environments
- Multiple users appearing to control or access the same session simultaneously
- Anomalous message patterns where user actions don't correlate with their expected behavior
- Log entries showing session key collisions across different sender IDs within the same chat/thread
Detection Strategies
- Implement logging to capture session key generation events and flag duplicate keys assigned to different user identities
- Monitor for anomalous session activity patterns where multiple sender IDs interact with identical session states
- Deploy application-level intrusion detection to identify session boundary violations in shared contexts
Monitoring Recommendations
- Audit session key derivation logs for patterns indicating collision across different authenticated users
- Enable alerting on session state modifications that don't match the expected sender identity
- Review access patterns in shared chat environments for signs of unauthorized session reuse
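As an added example (not the project's own code), the pre-fix and post-fix derivations rebuilt as runnable Python beside a collision check of the kind the detection strategy above calls for; InboundMessage is a minimal stand-in for the project's class, and the message records and session-key log are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class InboundMessage:
    """Minimal stand-in (assumed) for the project's inbound message type."""
    channel: str
    chat_id: str
    sender_id: str
    metadata: dict = field(default_factory=dict)
    session_key_override: str = ""


def _thread_id(m: InboundMessage):
    return (m.metadata.get("thread_id") or m.metadata.get("thread_ts")
            or m.metadata.get("message_thread_id"))


def vulnerable_session_key(m: InboundMessage) -> str:
    """Pre-PR #159 derivation: chat/thread scope only, sender ignored."""
    if m.session_key_override:
        return m.session_key_override
    thread_id = _thread_id(m)
    if thread_id:
        return f"{m.channel}:{m.chat_id}:{thread_id}"
    return f"{m.channel}:{m.chat_id}"


def fixed_session_key(m: InboundMessage) -> str:
    """Post-fix derivation: sender identity appended to the key."""
    if m.session_key_override:
        return m.session_key_override
    sender_id = str(m.sender_id).strip() or "anonymous"
    thread_id = _thread_id(m)
    if thread_id:
        return f"{m.channel}:{m.chat_id}:{thread_id}:{sender_id}"
    return f"{m.channel}:{m.chat_id}:{sender_id}"


def find_key_collisions(records):
    """records: (session_key, sender_id) pairs from a session-key log.
    Returns {session_key: sorted senders} for keys used by >1 distinct sender."""
    senders = defaultdict(set)
    for key, sender in records:
        senders[key].add(sender)
    return {k: sorted(s) for k, s in senders.items() if len(s) > 1}


# Constructed sample: two participants posting in the same thread.
ALICE = InboundMessage("slack", "C123", "U_alice", {"thread_ts": "171.5"})
BOB = InboundMessage("slack", "C123", "U_bob", {"thread_ts": "171.5"})


def collisions_under(derive):
    """Derive keys for a constructed message stream and flag shared keys."""
    log = [(derive(m), m.sender_id) for m in (ALICE, BOB, ALICE)]
    return find_key_collisions(log)
```

Running collisions_under with vulnerable_session_key flags the shared thread key, while fixed_session_key yields no collisions; the same check applies to real session-key logs once the key and sender are recorded per event.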
How to Mitigate CVE-2026-6729
Immediate Actions Required
- Update HKUDS OpenHarness to include the fix from PR #159
- Review session logs for evidence of exploitation in shared chat environments
- Notify users of shared chats or threads about the potential for session exposure prior to patching
Patch Information
The vulnerability is remediated by applying PR #159 which modifies the session_key_for_message() function in ohmo/gateway/router.py. The fix incorporates sender_id into the session key derivation, ensuring each user in a shared chat or thread receives a unique session key. The specific commit containing the fix is available at commit 3186851. Additional details are available in the VulnCheck Security Advisory.
Workarounds
- Restrict usage of shared chat or thread features until the patch can be applied
- Implement additional application-level session validation that verifies sender identity before granting session access
- Consider network segmentation or access controls to limit who can participate in sensitive shared chat environments
```bash
# Apply the security patch from PR #159
git fetch origin pull/159/head:fix-session-key
git checkout fix-session-key
# Or apply the specific commit
git cherry-pick 3186851c479ee714a9bb9aa6cd77017db7e589e2
```