Description
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who obtained or predicted a session identifier to impersonate an agent or join an existing session. This vulnerability is fixed in 1.1.0.
Published: 2026-03-10
Score: 7.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized agent impersonation within active sessions
Action: Patch
AI Analysis

Impact

Coral Server failed to enforce strong authentication between agents and the server during an active session, allowing an attacker who can obtain or predict a session identifier to impersonate an agent or join an existing session. This results in the attacker gaining unauthorized access to collaboration channels, potentially compromising the integrity, confidentiality, and availability of the communication, coordination, trust, and payment functions. The weakness involves authorization bypass through user-controlled keys.

Affected Systems

The vulnerability affects all Coral-Protocol Coral Server installations using versions earlier than 1.1.0. Current releases from version 1.1.0 onward include the fix.

Risk and Exploitability

The CVSS score of 7.6 indicates a high impact, while the EPSS score of less than 1% suggests a very low likelihood of exploitation as of this analysis. The vulnerability is not listed in the CISA KEV catalog. An attacker would need to obtain a valid session identifier, potentially through network sniffing, phishing, or other means, to impersonate an agent; the attack vector is therefore remote and contingent on session ID exposure.

Generated by OpenCVE AI on April 16, 2026 at 03:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Coral Server to version 1.1.0 or later to apply the fix.
  • Enforce the use of secure transport (TLS/SSL) and session identifiers that are unpredictable and transmitted only over encrypted channels.
  • Verify that all existing Coral Server deployments have been upgraded and conduct a post-mitigation assessment to confirm no legacy versions remain in operation.

Advisories

No advisories yet.

History

Fri, 13 Mar 2026 20:00:00 +0000

Type                | Values Removed | Values Added
--------------------|----------------|-------------
First Time appeared |                | Coralos; Coralos coral Server
CPEs                |                | cpe:2.3:a:coralos:coral_server:*:*:*:*:*:*:*:*
Vendors & Products  |                | Coralos; Coralos coral Server
Metrics             |                | cvssV3_1 {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}


Wed, 11 Mar 2026 12:00:00 +0000

Type                | Values Removed | Values Added
--------------------|----------------|-------------
First Time appeared |                | Coral-protocol; Coral-protocol coral-server
Vendors & Products  |                | Coral-protocol; Coral-protocol coral-server

Tue, 10 Mar 2026 21:15:00 +0000

Type    | Values Removed | Values Added
--------|----------------|-------------
Metrics |                | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 10 Mar 2026 18:00:00 +0000

Type        | Values Removed | Values Added
------------|----------------|-------------
Description |                | Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who obtained or predicted a session identifier to impersonate an agent or join an existing session. This vulnerability is fixed in 1.1.0.
Title       |                | Coral Server has insufficient agent authentication in session communication channels
Weaknesses  |                | CWE-639
References  |                |
Metrics     |                | cvssV4_0 {'score': 7.6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-10T20:39:42.639Z

Reserved: 2026-03-07T17:53:48.815Z

Link: CVE-2026-30969

Vulnrichment

Updated: 2026-03-10T20:39:37.167Z

NVD

Status: Analyzed

Published: 2026-03-10T18:18:55.760

Modified: 2026-03-13T19:51:36.287

Link: CVE-2026-30969

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T04:00:09Z

Weaknesses