AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

GHSA-686c-7vgv-v3fx: Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint

mediumvulnerability

security

Source: GitHub Advisory DatabaseMay 19, 2026CVE-2026-45796

Summary

Coder's Azure identity endpoint was vulnerable to SSRF (server-side request forgery, where an attacker tricks a server into making requests to unintended targets) because it accepted unsigned certificates and fetched arbitrary URLs without validation. An attacker could craft a fake certificate pointing to any internal or external address, forcing the Coder server to connect to it and reveal whether the target was reachable through error messages, enabling network reconnaissance and potential attacks on internal services.

Solution / Mitigation

Fixed in PR #25274 (commit 57b11d405). Upgrade to patched versions: v2.33.3, v2.32.2, v2.31.12, v2.30.8, v2.29.13, or v2.24.5 (ESR), depending on your release line.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Patch Available

Yes

Disclosure Date

May 19, 2026

Classification

Attack Type

Supply Chain

Attack SophisticationModerate

Impact (CIA+S)

confidentialityintegrity

Affected Vendors

Affected Packages

github.com/coder/coder@<= 0.27.3github.com/coder/coder/v2@< 2.24.5 (fixed: 2.24.5)github.com/coder/coder/v2@>= 2.29.0, < 2.29.13 (fixed: 2.29.13)github.com/coder/coder/v2@>= 2.30.0, < 2.30.8 (fixed: 2.30.8)github.com/coder/coder/v2@>= 2.31.0, < 2.31.12 (fixed: 2.31.12)

Related Issues

medium

CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e

Similar attackNVD/CVE Database

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Similar attack

Monthly digest — independent AI security research

Original source: https://github.com/advisories/GHSA-686c-7vgv-v3fx

First tracked: May 19, 2026 at 08:00 PM

Classified by LLM (prompt v3) · confidence: 75%