Threats Tagged 'cve-2026-55432'
View all threats tagged with 'cve-2026-55432'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-55432'
Click on any threat for detailed analysis and mitigation recommendations
GHSA-x9qq-2qh5-8rxf: Coder's sub-agent app registration bypasses template port-sharing policy enforcementCVE-2026-55432 0 A vulnerability in Coder's sub-agent app registration allows a workspace owner to bypass the template's maximum port-sharing level policy. Specifically, the CreateSubAgent RPC did not validate the requested app sharing level against the template's MaxPortSharingLevel before saving workspace apps. This could let an authenticated workspace owner register a sub-agent app with a sharing level higher than allowed, potentially exposing the app to unauthenticated users via wildcard app domains. The issue affects deployments using Enterprise port-sharing policies with wildcard app hostnames and requires an authenticated workspace owner with an agent token. A fix is available in versions 2.34.2, 2.33.8, 2.32.7, and 2.29.17. Disabling wildcard app hostnames can serve as a workaround. Join the discussion | GCVE Database | 07/06/2026, 21:08:32 UTC Added: 07/06/2026, 23:02:27 UTC |
Showing 1 to 1 of 1 result