CVE-2026-2109 is an improper authorization vulnerability identified in the jsbroks COCO Annotator software, specifically affecting versions 0.11.0 and 0.11.1. The vulnerability resides in the /api/undo/ endpoint within the Delete Category Handler component. An attacker can manipulate the ID parameter in requests to this endpoint to bypass authorization checks, enabling unauthorized deletion or modification of annotation categories. The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The CVSS 4.0 base score is 5.3 (medium severity), reflecting the ease of exploitation (network attack vector, low attack complexity) but limited impact scope (partial integrity and availability impact). The vendor was notified early but has not responded, and no patches or mitigations have been published. A public exploit is available, which could facilitate exploitation by attackers. The vulnerability threatens the integrity and availability of annotation data, which is critical in machine learning and computer vision workflows relying on COCO Annotator for dataset labeling. Without proper authorization controls, attackers could disrupt data labeling processes, corrupt datasets, or cause denial of service by deleting categories, potentially impacting downstream AI model training and deployment.

The vulnerability could lead to unauthorized deletion or modification of annotation categories within COCO Annotator, compromising the integrity of labeled datasets. This can disrupt machine learning workflows, degrade model quality, and cause operational delays. Organizations relying on COCO Annotator for critical AI/ML projects may face data loss or corruption, impacting research, product development, or AI-driven services. The availability of annotation data could also be affected if attackers delete essential categories, causing denial of service conditions for annotation teams. Since the vulnerability is remotely exploitable without authentication, attackers can launch attacks from anywhere, increasing the threat surface. The lack of vendor response and absence of patches prolong exposure, raising the risk of exploitation especially in environments where COCO Annotator is internet-facing or insufficiently access-controlled. Overall, the impact is moderate but significant for organizations dependent on accurate and reliable annotation data.

1. Immediately restrict access to the /api/undo/ endpoint by implementing network-level controls such as IP whitelisting or VPN-only access to the COCO Annotator service. 2. Enforce strict authentication and authorization mechanisms around all API endpoints, especially those that modify or delete data. 3. Implement application-layer access controls to validate user permissions before processing deletion or undo requests. 4. Monitor logs and network traffic for unusual or unauthorized API calls targeting the /api/undo/ endpoint. 5. Isolate COCO Annotator instances from public internet exposure where possible. 6. Regularly back up annotation datasets to enable recovery in case of data tampering or deletion. 7. Engage with the vendor or community for updates and patches; consider contributing fixes if feasible. 8. Consider deploying web application firewalls (WAFs) with custom rules to detect and block suspicious manipulation of the ID parameter. 9. Educate users and administrators about the vulnerability and encourage vigilance for anomalous behavior. 10. Plan for rapid patch deployment once an official fix becomes available.