Highseafraf

**Name of the Vulnerable Software and Affected Versions** Coral Server versions prior to 1.1.0 **Description** Coral Server, an open collaboration infrastructure for The Internet of Agents, did not enforce strong authentication between agents and the server during active sessions. This could allow an attacker who obtains or predicts a session identifier to impersonate an agent or join an existing session. **Recommendations** Update to version 1.1.0 or later.

**Name of the Vulnerable Software and Affected Versions** Coral Server versions prior to 1.1.0 **Description** Coral Server is an open collaboration infrastructure designed for communication, coordination, trust, and payments within The Internet of Agents. Before version 1.1.0, the software permitted the creation of agent sessions via the `/api/v1/sessions` endpoint without robust authentication. This endpoint executes resource-intensive initialization processes, including container spawning and memory context creation. An attacker gaining access to this endpoint could create sessions or exhaust system resources without authorization. **Recommendations** Update to version 1.1.0 or later.