25 matches found
CVE-2026-30969
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
CVE-2026-30970
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...
CVE-2026-30968
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...
CVE-2026-30969
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
CVE-2026-30970
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...
EUVD-2026-10708
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...
CVE-2026-30970 Session authentication bypass in Coral Server session creation endpoint
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...
CVE-2026-30970 Session authentication bypass in Coral Server session creation endpoint
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...
CVE-2026-30970
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...
CVE-2026-30970
CVE-2026-30970 affects Coral Server. Before version 1.1.0, the /api/v1/sessions endpoint allowed session creation without strong authentication, performing resource-intensive operations (container spawning and memory context creation). An attacker with access to this endpoint could create session...
CVE-2026-30969
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
CVE-2026-30969 Coral Server has insufficient agent authentication in session communication channels
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
EUVD-2026-10707
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
CVE-2026-30969
CVE-2026-30969 affects Coral Server. Prior to 1.1.0, the service did not enforce strong authentication within an active session between agents and the server, allowing an attacker who obtained or predicted a session identifier to impersonate an agent or join a session. The issue is fixed in 1.1.0...
CVE-2026-30969 Coral Server has insufficient agent authentication in session communication channels
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
CVE-2026-30968 Coral Server has insufficient validation of agent identity for SSE connections
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...
CVE-2026-30968 Coral Server has insufficient validation of agent identity for SSE connections
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...
CVE-2026-30968
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...
EUVD-2026-10706
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...
CVE-2026-30968
Summary: Coral Server’s SSE endpoint (/sse/v1/...) did not strongly validate that a connecting agent was a legitimate session participant before version 1.1.0, potentially allowing unauthorized message injection or observation. Affected versions: prior to 1.1.0. Impact: stated as possible confide...