
CVE-2026-30968: CWE-862: Missing Authorization in Coral-Protocol coral-server

Severity: High
Tags: Vulnerability, CVE-2026-30968, CWE-862
Published: Tue Mar 10 2026 (03/10/2026, 17:24:11 UTC)
Source: CVE Database V5
Vendor/Project: Coral-Protocol
Product: coral-server

Description

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, the SSE endpoint (/sse/v1/...) in Coral Server did not strongly validate that a connecting agent was a legitimate participant in the session. This could theoretically allow unauthorized message injection or observation. This vulnerability is fixed in 1.1.0.

AI-Powered Analysis

Last updated: 03/10/2026, 18:04:19 UTC

Technical Analysis

CVE-2026-30968 is a missing-authorization vulnerability (CWE-862) in the coral-server component of Coral-Protocol, open collaboration infrastructure for communication, coordination, trust, and payments within the Internet of Agents ecosystem. The flaw is in the Server-Sent Events (SSE) endpoint (/sse/v1/...) in versions before 1.1.0: the server does not adequately verify that a connecting agent is a legitimate participant in the session. Because that check is missing, an unauthorized agent could attach to a session's SSE stream, inject messages, or passively observe session data. Per the CVSS 4.0 vector, the issue is remotely exploitable with low attack complexity and no user interaction, but it requires low privileges (PR:L). The impact on confidentiality and integrity is high: injected messages can disrupt trust and coordination mechanisms, and observation can leak sensitive information. Availability and authentication are not directly impacted. The vulnerability was publicly disclosed on March 10, 2026, and is fixed in coral-server version 1.1.0. No exploits in the wild have been reported to date. The issue highlights the need for strict authorization enforcement in real-time communication channels within agent-based infrastructures.

Potential Impact

The vulnerability poses significant risks to organizations relying on Coral-Protocol's coral-server for agent communication and coordination. Unauthorized message injection can lead to manipulation of trust and payment processes, potentially causing financial loss, operational disruption, and reputational damage. Unauthorized observation threatens confidentiality by exposing sensitive session data, which could include agent identities, transaction details, or coordination commands. Given the role of Coral-Protocol in enabling Internet of Agents applications, exploitation could undermine automated decision-making processes and inter-agent trust frameworks. The ease of remote exploitation without user interaction increases the threat level, especially in environments where coral-server is exposed to untrusted networks. Although no known exploits exist yet, the high CVSS score (8.6) and critical nature of the missing authorization warrant immediate attention to prevent potential attacks that could cascade across interconnected agent systems globally.

Mitigation Recommendations

Organizations should immediately upgrade coral-server to version 1.1.0 or later, where the authorization checks on the SSE endpoint are properly enforced. Until upgrading is possible, restrict network access to the SSE endpoint to trusted agents and networks using firewall rules or network segmentation. Implement additional authentication and authorization layers at the application or proxy level to validate agent identities before allowing SSE connections. Monitor SSE traffic for anomalous connection attempts or unexpected message patterns that could indicate exploitation attempts. Conduct thorough audits of agent permissions and session management policies to ensure least privilege principles are applied. Incorporate logging and alerting mechanisms specifically for SSE endpoint access to detect unauthorized usage early. Finally, engage in regular security assessments of agent communication protocols to identify and remediate similar authorization weaknesses proactively.


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-03-07T17:53:48.815Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 69b05633ea502d3aa87d6b8c

Added to database: 3/10/2026, 5:34:43 PM

Last enriched: 3/10/2026, 6:04:19 PM

Last updated: 3/13/2026, 11:20:37 PM
