Total CVEs

143,081

Critical Severity

4,044

High Severity

14,530

Last 7 Days

1,278
Quick preset (or use dates below)
Clear Filters
Showing 1 - 20 of 20 CVEs
CVE-2026-55438 MEDIUM - 5.8

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, Coder's subdomain-based workspace app proxy allowed the same-owner CORS check to be bypassed. When a workspace-name subdomain segment parsed as a UUID, t...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55437 MEDIUM - 5.4

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, the `AgentLogLine` dashboard component instantiated `ansi-to-html` without `escapeXML: true` and inserted the result via `dangerouslySetInnerHTML` so HTML emb...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55436 HIGH - 7.4

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy (`aibridgeproxyd`) created a goproxy server whose default transport set `InsecureSkipVerify: true` and only assigned...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55435 MEDIUM - 5.4

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, AI Bridge proxy endpoints authenticate via `Server.IsAuthorized` in `coderd/aibridgedserver`, which validates key format, expiry, secret...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55434 MEDIUM - 6.5

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.33.0 and prior to versions 2.33.8 and 2.34.2, AI Bridge provider handlers read request bodies with `io.ReadAll` without a maximum size so an authenticated user with AI Bridge access could sen...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55433 MEDIUM - 5.4

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only `ActionRead` on the workspace and, unlike the sibling delete endpoint, performe...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55432 MEDIUM - 5.4

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the `CreateSubAgent` RPC did not validate a requested app sharing level against the template's `MaxPortSharingLevel` before persisting workspace apps, let...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55431 HIGH - 7.7

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `coder open app` opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the `$SESSION_TOKEN` placeholder th...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55078 MEDIUM - 6.5

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `POST /api/v2/files` converts zip uploads to tar in memory via `CreateTarFromZip`, which enforced a per-entry size limit but no ...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55430 MEDIUM - 5.8

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the workspace app proxy resolves the target app from `httpapi.RequestHost()` which prefers the `X-Forwarded-Host` header over the real `Host` header. No middle...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55428 HIGH - 8.2

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the tailnet coordinator validates that an agent's `Addresses` derive from its authenticated UUID but applies no equivalent check to `AllowedIPs`. The coor...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55429 HIGH - 8.7

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `UpsertWorkspaceApp` overwrites an existing app's `agent_id` on a primary-key conflict and `insertAgentApp` accepts the app ID from the provisioner's...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55079 MEDIUM - 4.9

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.24.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `NewDataBuilder` in `provisionersdk/proto/dataupload.go` allocated a byte slice using the client-supplied `FileSize` from a `Dat...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55427 HIGH - 8.3

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `coder config-ssh` wrote server-supplied SSH settings (`HostnameSuffix`, `SSHConfigOptions`) into the user's `~/.ssh/config` without sanitizing embedded n...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55077 HIGH - 7.2

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the `PUT /api/v2/users/{user}/password` endpoint authorized only `ActionUpdatePersonal` and did not prevent a `user-admin` from resetting an `owner` account�...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55075 HIGH - 7.4

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, two flaws in Coder's OIDC login chained into account takeover. Email-based user matching fell back to linking by email without checking for an existing li...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-55076 HIGH - 7.4

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, Coder's OIDC callback checked `email_verified` with a direct Go `bool` type assertion. When an IdP returned the claim as a non-boolean (for example the st...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 06, 2026
Source: GitHub
CVE-2026-44454 HIGH - 8.1

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7 and 2.30.2, the `dotfiles` registry module passed unsanitized user input to shell commands, allowing arbitrary code execution inside a provisioned workspace. Any user who supplied a crafte...

Vendor: go
Product: github.com/coder/coder/v2
Published: Jul 02, 2026
Source: GitHub
CVE-2026-46354 CRITICAL - 9.1

Coder allows organizations to provision remote development environments via Terraform. In versions prior tp 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3, `azureidentity.Validate()` verifies that the PKCS#7 signer certificate chains to a trusted Azure CA but never verifies the PKCS#7 signatur...

Vendor: go
Product: github.com/coder/coder/v2
Published: May 19, 2026
Source: GitHub
CVE-2026-45796 MEDIUM - 6.5

Coder allows organizations to provision remote development environments via Terraform. Versions prior tp 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3 are vulnerable to unauthenticated semi-blind Server-Side Request Forgery (SSRF) via the Azure instance identity endpoint (`POST /api/v2/worksp...

Vendor: go
Product: github.com/coder/coder/v2
Published: May 19, 2026
Source: GitHub