CVE-2026-55429 | Coder up to 2.29.6/2.32.6/2.33.7/2.34.1 Workspace App Provisioner UpsertWorkspaceApp/insertAgentApp app ID improper authorization

SecurityVulns

A vulnerability classified as problematic was found in Coder up to 2.29.6/2.32.6/2.33.7/2.34.1. Affected by this issue is the function UpsertWorkspaceApp/insertAgentApp of the component Workspace App Provisioner. The manipulation of the argument app ID results in improper authorization.

This vulnerability is known as CVE-2026-55429. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More