Malicious code in coral-dev-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 938459f8d0b02585c73f8dedee34a7e499784f290f4c9cabf61706eeda5bbfe1 The package coral-dev-proxy was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-3395 Malicious code in coral-dev-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 938459f8d0b02585c73f8dedee34a7e499784f290f4c9cabf61706eeda5bbfe1 The package coral-dev-proxy was found to contain malicious code. Source: ossf-package-analysis...

CVE-2026-30969

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

CVE-2026-30970

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVE-2026-30968

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...

CVE-2026-30969

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

CVE-2026-30970

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

EUVD-2026-10708

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVE-2026-30970 Session authentication bypass in Coral Server session creation endpoint

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVE-2026-30970

CVE-2026-30970 affects Coral Server. Before version 1.1.0, the /api/v1/sessions endpoint allowed session creation without strong authentication, performing resource-intensive operations (container spawning and memory context creation). An attacker with access to this endpoint could create session...

CVE-2026-30970 Session authentication bypass in Coral Server session creation endpoint

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVE-2026-30970

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint perform...

CVE-2026-30969

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

EUVD-2026-10707

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

CVE-2026-30969 Coral Server has insufficient agent authentication in session communication channels

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

CVE-2026-30969

CVE-2026-30969 affects Coral Server. Prior to 1.1.0, the service did not enforce strong authentication within an active session between agents and the server, allowing an attacker who obtained or predicted a session identifier to impersonate an agent or join a session. The issue is fixed in 1.1.0...

CVE-2026-30969 Coral Server has insufficient agent authentication in session communication channels

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

CVE-2026-30968 Coral Server has insufficient validation of agent identity for SSE connections

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...

CVE-2026-30968 Coral Server has insufficient validation of agent identity for SSE connections

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...

EUVD-2026-10706

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint /sse/v1/... in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. Th...