CVE-2026-55430
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
5.8 / 10
Vulnerability Description
Coder's subdomain workspace app routing trusts unauthenticated X-Forwarded-Host header, enabling cross-app data access
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
go
Product
github.com/coder/coder/v2
Discussion (0)
Add Comment
No comments yet. Be the first!