PT-2026-24340 · Unknown · Coral-Server
Highseafraf
·
Published
2026-03-10
·
Updated
2026-03-16
·
CVE-2026-30969
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Coral Server versions prior to 1.1.0
Description
Coral Server, an open collaboration infrastructure for The Internet of Agents, did not enforce strong authentication between agents and the server during active sessions. This could allow an attacker who obtains or predicts a session identifier to impersonate an agent or join an existing session.
Recommendations
Update to version 1.1.0 or later.
Exploit
Fix
IDOR
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coral-Server