PT-2026-56080 · Coder · Coder
Published
2026-07-06
·
Updated
2026-07-08
·
CVE-2026-55436
CVSS v3.1
7.4
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Coder versions 2.30.0 through 2.32.6
Coder versions 2.33.0 through 2.33.7
Coder versions 2.34.0 through 2.34.1
Description
The AI Bridge Proxy (
aibridgeproxyd) creates a goproxy server that, by default, sets InsecureSkipVerify: true. In configurations without an upstream proxy, outbound HTTPS connections to the Coder access URL accept any TLS certificate. This allows an attacker with a man-in-the-middle position between the AI Bridge Proxy and the Coder server to intercept Coder session tokens, user-supplied provider API keys, and full request and response bodies, including prompts and completions. The default transport also honors HTTP PROXY and HTTPS PROXY environment variables, which could allow traffic redirection. Deployments where the proxy and server are co-located over loopback are not affected.Recommendations
Update Coder versions 2.30.0 through 2.32.6 to version 2.32.7.
Update Coder versions 2.33.0 through 2.33.7 to version 2.33.8.
Update Coder versions 2.34.0 through 2.34.1 to version 2.34.2.
Ensure the Coder access URL uses a trusted certificate and secure the network path between the AI Bridge Proxy and the Coder server using loopback or mTLS.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coder