Description
A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file api_docs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. It is suggested to install a patch to address this issue. The pull request to fix this issue awaits acceptance.
Published: 2026-05-31
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the requests.get call used by the AWS EC2 Metadata Endpoint module within the api_docs.py file of Aider‑AI Aider. An attacker who can influence the target URL argument can cause the application server to issue arbitrary HTTPS or HTTP requests to arbitrary destinations. This can expose internal resources, retrieve sensitive metadata, or potentially trigger further malicious actions on downstream services. The weakness is classified as CWE‑918 and delivers a moderate severity impact, compromising the confidentiality and integrity of data reachable from the application server but does not enable direct execution of code within the host.

Affected Systems

Aider‑AI Aider version 0.86.3 is affected. No broader version range is specified, so the vulnerability is believed to exist in this specific release only. Only systems running this version of the open‑source project are at risk.

Risk and Exploitability

With a CVSS score of 5.3 the risk is considered moderate. No EPSS score is available, and the vulnerability is not included in the CISA KEV catalog. The attack vector is remote, requiring the attacker to supply the target URL to the vulnerable function. Successful exploitation would depend on the ability to send such a request from the environment where the application is running. Once exploitation is achieved, the attacker can exfiltrate data or interact with internal services that otherwise remain unreachable from the outside. The lack of authentication requirements and the public disclosure suggest a real threat that should be mitigated before further exploitation occurs.

Generated by OpenCVE AI on May 31, 2026 at 11:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to a patched release of Aider‑AI Aider once the accepted pull request is merged and a new version is published.
  • If an immediate patch is unavailable, restrict outbound traffic from the application container by configuring firewall rules or network ACLs to block access to the AWS EC2 Metadata Service (typically 169.254.169.254).
  • Limit the arguments accepted by requests.get in api_docs.py by implementing input validation and only allowing whitelisted URLs or internal IP addresses.
  • Deploy the application behind a reverse proxy that can enforce stricter request filtering and monitor for suspicious outbound requests.
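The third action above (validating the argument handed to `requests.get`) is the one that removes the root cause rather than limiting its blast radius. The following Python is an added example written for this page, not code from the Aider project: it enforces an explicit host allowlist, refuses IP literals and embedded credentials, and separately vets the addresses a host name resolves to so that link-local, loopback and private ranges (the EC2 metadata service at 169.254.169.254 among them) are never contacted. The allowlisted host names, the sample URLs and the `getter`/`resolver` callables are assumptions made for the example.

```python
"""Outbound-URL guard for an SSRF-prone fetch (added example, not Aider's code).

Design: (1) the URL must use an allowed scheme and name an allowlisted host;
IP literals and userinfo are rejected outright. (2) the addresses the host
resolves to are checked again, so a DNS record pointing into a private or
link-local range is refused even though the name is on the allowlist.
"""
import ipaddress
from typing import Callable, Iterable, Tuple
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"https"}
# Assumed allowlist: only documentation hosts this component is meant to read.
ALLOWED_HOSTS = {"docs.example.com", "api.example.com"}


def check_url(url: str) -> Tuple[bool, str]:
    """Return (ok, reason). Only allowlisted https hosts on the default port pass."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False, "unparseable url"
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    host = parts.hostname  # already lower-cased, brackets stripped for IPv6
    if not host:
        return False, "missing host"
    if parts.username is not None or parts.password is not None:
        return False, "credentials in url"  # blocks user@host confusion
    try:
        ipaddress.ip_address(host)
        return False, "ip literal not allowed"  # allowlist is name-based only
    except ValueError:
        pass
    if port not in (None, 443):
        return False, "port not allowed"
    if host not in ALLOWED_HOSTS:
        return False, "host not in allowlist"
    return True, "ok"


def address_is_safe(addr: str) -> bool:
    """True only for globally routable unicast addresses.

    Rejects loopback, private, link-local (169.254.0.0/16, fe80::/10),
    multicast, reserved and unspecified ranges. IPv4-mapped IPv6 addresses
    such as ::ffff:169.254.169.254 are unwrapped before the check.
    """
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not ip.is_multicast


def guarded_get(url: str,
                getter: Callable[[str], object],
                resolver: Callable[[str], Iterable[str]]) -> object:
    """Fetch `url` via `getter` only after both checks pass.

    `getter` is the real HTTP client (e.g. requests.get) and `resolver`
    returns the IP addresses the host currently resolves to; both are
    injected so the guard can be exercised offline.
    """
    ok, reason = check_url(url)
    if not ok:
        raise ValueError(f"blocked url: {reason}")
    host = urlsplit(url).hostname
    for addr in resolver(host):
        if not address_is_safe(addr):
            raise ValueError(f"blocked url: {host} resolves to {addr}")
    return getter(url)


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate URL, three SSRF-shaped ones.
    for candidate in (
        "https://docs.example.com/reference.html",
        "http://169.254.169.254/latest/meta-data/",
        "https://docs.example.com@169.254.169.254/",
        "https://[::ffff:169.254.169.254]/",
    ):
        print(candidate, "->", check_url(candidate))
```

Checking resolved addresses in a separate step from the connection still leaves a window in which a DNS answer can change between the check and the fetch; the robust form is to connect to the vetted address and send the allowlisted host name in the Host header, or to use a client that performs the address check at connect time. The allowlist deliberately contains no internal addresses at all, so the second action above (blocking 169.254.169.254 at the network layer) remains a worthwhile backstop rather than the primary control.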


Advisories

No advisories yet.

History

Sun, 31 May 2026 10:45:00 +0000

Type                | Values Removed | Values Added
Description         |                | A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file api_docs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. It is suggested to install a patch to address this issue. The pull request to fix this issue awaits acceptance.
Title               |                | Aider-AI Aider AWS EC2 Metadata Endpoint api_docs.py requests.get server-side request forgery
First Time appeared |                | Aider-ai; Aider-ai aider
Weaknesses          |                | CWE-918
CPEs                |                | cpe:2.3:a:aider-ai:aider:*:*:*:*:*:*:*:*
Vendors & Products  |                | Aider-ai; Aider-ai aider
References          |                |
Metrics             |                | cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}
                    |                | cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
                    |                | cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
                    |                | cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-31T10:15:08.202Z

Reserved: 2026-05-30T16:21:45.507Z

Link: CVE-2026-10177

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-31T11:16:46.537

Modified: 2026-05-31T11:16:46.537

Link: CVE-2026-10177

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-31T12:00:13Z

Weaknesses