pkg:Go/github.com/coder/coder

6 total CVEsCRITICAL1HIGH4MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2026-46354Coder: PKCS#7 signature bypass in Azure instance identity allows unauthenticated agent token theft
    from 0, <= 0.27.3
  • HIGH8.2CVE-2024-27918Incorrect email domain verification in github.com/coder/coder
    from 0, <= 0.27.3
  • HIGH8.2CVE-2024-27918Incorrect email domain verification in github.com/coder/coder
    from 0
  • HIGH8.1CVE-2025-58437Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder
    from 0
  • HIGH7.8CVE-2025-66411Coder logs sensitive objects unsanitized in github.com/coder/coder
    from 0
  • MEDIUM6.5CVE-2026-45796Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint
    from 0, <= 0.27.3