CVE-2026-30970

Name of the Vulnerable Software and Affected Versions Coral Server versions prior to 1.1.0

Description Coral Server is an open collaboration infrastructure designed for communication, coordination, trust, and payments within The Internet of Agents. Before version 1.1.0, the software permitted the creation of agent sessions via the /api/v1/sessions endpoint without robust authentication. This endpoint executes resource-intensive initialization processes, including container spawning and memory context creation. An attacker gaining access to this endpoint could create sessions or exhaust system resources without authorization.

Recommendations Update to version 1.1.0 or later.