Lucene search
K

5 matches found

OSV
OSV
added yesterday4 views

GO-2026-5922 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder

Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder...

5.4CVSS5.9AI score
Exploits0References2
OSV
OSV
added yesterday5 views

GO-2026-5924 Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps in github.com/coder/coder

Coder's session token leaked to arbitrary hosts via coder open app for external workspace apps in github.com/coder/coder...

7.7CVSS6AI score
Exploits0References2
OSV
OSV
added yesterday4 views

GO-2026-5918 Coder's workspace app CORS origin check can be bypassed via UUID-based subdomain spoofing in github.com/coder/coder

Coder's workspace app CORS origin check can be bypassed via UUID-based subdomain spoofing in github.com/coder/coder...

5.8CVSS5.9AI score
Exploits0References3
OSV
OSV
added yesterday5 views

GO-2026-5915 Coder: Route hijacking through lack of validation of agent-supplied AllowedIPs in tailnet coordinator in github.com/coder/coder

Coder: Route hijacking through lack of validation of agent-supplied AllowedIPs in tailnet coordinator in github.com/coder/coder...

8.2CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2025/09/17 5:3 p.m.6 views

GO-2025-3938 Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder

Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder...

8.1CVSS7AI score0.00349EPSS
Exploits1References8
Rows per page
Query Builder