Cyber Resilience

CVE-2026-30969

Severity: High
Published: 10 March 2026
Modified: 13 March 2026
KEV Added: not listed
Patch: available (fixed in 1.1.0)
CVSS Score v4: 7.6 (CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0038 (29.9th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-30969 is a high-severity Authorization Bypass Through User-Controlled Key (CWE-639) vulnerability in Coralos Coral Server. Its CVSS base score is 7.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 29.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-10 (Adaptive Authentication) and SC-23 (Session Authenticity).

Deeper analysis

CVE-2026-30969 is a high-severity authentication vulnerability (CVSS v3.1 base score 9.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) affecting Coral Server versions prior to 1.1.0, mapped to CWE-639 (Authorization Bypass Through User-Controlled Key). Coral Server provides open collaboration infrastructure for communication, coordination, trust, and payments in The Internet of Agents. In affected versions, the server does not enforce strong authentication between agents and the server during an active session, so possession of a session identifier alone is treated as proof of identity.

An unauthenticated network attacker can exploit this vulnerability by obtaining or predicting a valid session identifier, allowing them to impersonate a legitimate agent or join an existing session. Successful exploitation grants high-impact access to confidential data (C:H) and enables integrity violations (I:H), such as unauthorized actions on behalf of the impersonated agent, without requiring user interaction or privileges.

The issue is remediated in Coral Server version 1.1.0. Security practitioners should upgrade to this version immediately. Additional details are available in the GitHub release notes at https://github.com/Coral-Protocol/coral-server/releases/tag/v1.1.0 and the security advisory at https://github.com/Coral-Protocol/coral-server/security/advisories/GHSA-ccx7-7wv9-c55x.


Vulnerability details

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who obtained or predicted a session identifier to impersonate an agent or join an existing session. This vulnerability is fixed in 1.1.0.

CWE(s): CWE-639 Authorization Bypass Through User-Controlled Key

Related Threats

MITRE ATT&CK Enterprise Techniques

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1550.004 Web Session Cookie (Lateral Movement): Adversaries can use stolen session cookies to authenticate to web applications and services.

Why these techniques?

The CVE describes unauthenticated network exploitation of weak session ID handling in a public-facing server (T1190), directly enabling impersonation via predicted or obtained session identifiers used as alternate authentication material (T1550.004).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

- CVE-2026-30968: same product (Coralos Coral Server)
- CVE-2026-30970: same product (Coralos Coral Server)
- CVE-2026-41471: shared CWE-639
- CVE-2023-36331: shared CWE-639
- CVE-2026-33297: shared CWE-639
- CVE-2026-41084: shared CWE-639
- CVE-2024-50685: shared CWE-639
- CVE-2019-25235: shared CWE-639
- CVE-2026-28469: shared CWE-639
- CVE-2026-33511: shared CWE-639

Affected Assets

Vendor: coralos
Product: coral server
Versions: ≤ 1.1.0

Mitigating Controls (NIST 800-53 r5)

- SC-23 (Session Authenticity), prevent: requires protection of communications session authenticity, directly preventing impersonation by attackers using obtained or predicted session identifiers in active sessions.
- IA-10 (Adaptive Authentication), prevent: employs adaptive and continuous authentication mechanisms during active sessions, enforcing strong authentication between agents and the server beyond session IDs.
- IA-11 (Re-authentication), prevent: mandates re-authentication for organization-defined conditions or privileged operations within sessions, mitigating unauthorized actions by session hijackers.
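The three controls above describe what a hardened session layer looks like; the following is an added example written for this page, not Coral Server's code, that contrasts the weak pattern behind CWE-639 (a bare session ID is treated as proof of identity) with a store that binds each session to an authenticated agent, requires a per-request HMAC under a per-session key (SC-23), rejects stale requests (IA-10) and demands re-authentication before privileged operations (IA-11). All class, function and agent names, the timing windows and the request body are hypothetical.

```python
"""Session authenticity demo (added example, not Coral Server code)."""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class Session:
    agent_id: str
    key: bytes          # per-session secret, handed to the agent once at issuance
    issued_at: float
    last_auth_at: float


class BareIdSessionStore:
    """Weak pattern: whoever presents a known session ID is the agent."""

    def __init__(self):
        self._sessions = {}

    def create(self, agent_id):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = agent_id
        return sid

    def agent_for(self, sid):
        # No binding or proof-of-possession: an obtained ID suffices to act as the agent.
        return self._sessions.get(sid)


class AuthenticatedSessionStore:
    """Hardened pattern: the session ID alone proves nothing."""

    def __init__(self, ttl=3600.0, reauth_window=300.0, skew=60.0):
        self._sessions = {}
        self.ttl, self.reauth_window, self.skew = ttl, reauth_window, skew

    def create(self, agent_id, now=None):
        now = time.time() if now is None else now
        sid = secrets.token_urlsafe(32)      # 256 bits from the OS CSPRNG: not guessable
        key = secrets.token_bytes(32)        # never transmitted again after issuance
        self._sessions[sid] = Session(agent_id, key, now, now)
        return sid, key

    @staticmethod
    def tag(key, sid, ts, body):
        # Per-request MAC binds the session, a timestamp and the payload (SC-23).
        msg = f"{sid}|{int(ts)}|".encode() + body
        return hmac.new(key, msg, hashlib.sha256).hexdigest()

    def authenticate(self, sid, agent_id, ts, body, tag, now=None):
        now = time.time() if now is None else now
        sess = self._sessions.get(sid)
        if sess is None:
            return None
        if now - sess.issued_at > self.ttl:      # expired session
            del self._sessions[sid]
            return None
        if sess.agent_id != agent_id:            # ID is bound to one agent identity
            return None
        if abs(now - ts) > self.skew:            # stale or replayed request (IA-10)
            return None
        expected = self.tag(sess.key, sid, ts, body)
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return None
        return sess

    def reauthenticate(self, sid, credential_ok, now=None):
        # credential_ok stands in for a fresh primary-credential check (IA-11).
        now = time.time() if now is None else now
        sess = self._sessions.get(sid)
        if sess is None or not credential_ok:
            return False
        sess.last_auth_at = now
        return True

    def allow_privileged(self, sess, now=None):
        now = time.time() if now is None else now
        return now - sess.last_auth_at <= self.reauth_window


def demo(now=1_000_000.0):
    """Run the constructed scenario and report each outcome as a boolean."""
    body = b'{"action":"read_thread"}'        # constructed sample request
    store = AuthenticatedSessionStore()
    sid, key = store.create("agent-A", now=now)
    good = store.tag(key, sid, now, body)
    sess = store.authenticate(sid, "agent-A", now, body, good, now=now)
    # Holder of the session ID but not the key (e.g. an ID leaked into a log)
    forged = AuthenticatedSessionStore.tag(b"no-key", sid, now, body)
    later = now + 900
    weak = BareIdSessionStore()
    wsid = weak.create("agent-A")
    return {
        "valid_request": sess is not None,
        "bare_id_only": store.authenticate(sid, "agent-A", now, body, forged, now=now) is not None,
        "wrong_agent": store.authenticate(sid, "agent-B", now, body, good, now=now) is not None,
        "replayed": store.authenticate(sid, "agent-A", now, body, good, now=now + 600) is not None,
        "privileged_stale": store.allow_privileged(sess, now=later),
        "privileged_after_reauth": store.reauthenticate(sid, True, now=later)
        and store.allow_privileged(sess, now=later),
        "weak_store_accepts_bare_id": weak.agent_for(wsid) == "agent-A",
    }


if __name__ == "__main__":
    print(demo())
```

The point of the contrast is that an unpredictable identifier is necessary but not sufficient: in the hardened store a leaked or guessed ID fails because the request carries no valid MAC, is rejected for the wrong claimed agent, and cannot be replayed outside the skew window, while privileged actions additionally require a recent re-authentication.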
