# CVE-2026-30350: Aegra DoS via Improper Handling of JSON Value Types ## Vulnerability Overview - **CVE ID**: CVE-2026-30350 - **Vulnerability Type**: Denial of Service (DoS) - **Description**: In the `/store/items/search` endpoint of the Aegra Agent Protocol server, there is an issue with improper handling of JSON value types. An attacker can trigger a persistent denial of service through an uncaught exception. - **Impact**: Persistent Denial of Service ## Affected Scope - **Affected Product Codebase**: Aegra Agent Protocol server - e9a89f8aad8c01d0d5750b325a88ff4e10b3954 - **Affected Components**: Store API + LangGraph Postgres store integration (store search path / row decoding) - **Attack Type**: Remote ## Remediation - **Reference Link**: [GitHub Repository](https://github.com/ibbybuilds/aegra/tree/main) - **Vendor Confirmation**: The vendor has confirmed or acknowledged the vulnerability ## POC Code ```plaintext [Description] An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f8 allows attackers to cause a Denial of Service. [VulnerabilityType Other] Denial of Service (persistent) via uncaught exception / improper handling of JSON value types in store search (json decode/ [Vendor of Product] Aegra [Affected Product Code Base] Aegra Agent Protocol server - e9a89f8aad8c01d0d5750b325a88ff4e10b3954 [Affected Component] Store API + LangGraph Postgres store integration (store search path / row decoding) [Attack Type] Remote [Impact Denial of Service] true [Reference] https://github.com/ibbybuilds/aegra/tree/main [Has vendor confirmed or acknowledged the vulnerability?] true ```