SUSE CVE-2025-59956

AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Versions 0.3.3 and below are susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the /messages endpoint served by the Agent API. This allows for th...

GO-2025-3991 Coder AgentAPI exposed user chat history via a DNS rebinding attack in github.com/coder/agentapi

Coder AgentAPI exposed user chat history via a DNS rebinding attack in github.com/coder/agentapi...

AgentAPI 安全漏洞

AgentAPI is a Coder open source interface project. A security vulnerability exists in AgentAPI 0.3.3 and earlier versions, which stems from a susceptibility to client-side DNS rebinding attacks that could lead to unauthorized disclosure of sensitive user data...

CVE-2025-59956 AgentAPI exposed user chat history via a DNS rebinding attack

AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Versions 0.3.3 and below are susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the /messages endpoint served by the Agent API. This allows for th...

CVE-2025-59956 AgentAPI exposed user chat history via a DNS rebinding attack

AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Versions 0.3.3 and below are susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the /messages endpoint served by the Agent API. This allows for th...