Cyber Posture

CVE-2026-30970

Critical

Published: 10 March 2026
Modified: 13 March 2026
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
EPSS Score: 0.0011 (29.3rd percentile)
Risk Priority: 18 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-30970 is a critical-severity Missing Authorization (CWE-862) vulnerability in Coralos Coral Server. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 29.3rd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and two other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

Prevent: AC-3 enforces approved authorizations for access to system resources, directly mitigating unauthorized session creation via the /api/v1/sessions endpoint.

Prevent: AC-14 explicitly authorizes and limits actions performable without identification or authentication, ensuring resource-intensive session creation requires authentication.

Prevent: SC-14 controls access to publicly accessible systems like the Coral Server API endpoint with established terms and conditions, preventing unauthenticated resource consumption.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1499.004 Application or System Exploitation (Impact): Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

T1499.003 Application Exhaustion Flood (Impact): Adversaries may target resource-intensive features of applications to cause a denial of service (DoS), denying availability to those applications.

Why these techniques?

The vulnerability allows unauthenticated remote exploitation of a public-facing API endpoint (T1190) to spawn resource-intensive containers and memory contexts, enabling endpoint DoS via application exhaustion flood (T1499.003) or application exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server allowed the creation of agent sessions through the /api/v1/sessions endpoint without strong authentication. This endpoint performs resource-intensive initialization operations including container spawning and memory context creation. An attacker capable of accessing the endpoint could create sessions or consume system resources without proper authorization. This vulnerability is fixed in 1.1.0.

Deeper analysis

CVE-2026-30970 affects Coral Server, an open collaboration infrastructure for communication, coordination, trust, and payments in The Internet of Agents. In versions prior to 1.1.0, the /api/v1/sessions endpoint permits the creation of agent sessions without strong authentication. This endpoint executes resource-intensive operations, such as container spawning and memory context creation, enabling unauthorized resource consumption. The vulnerability is classified under CWE-862 (Missing Authorization) with a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H).

Any network-accessible attacker can exploit this vulnerability without privileges, authentication, or user interaction by repeatedly invoking the /api/v1/sessions endpoint. Successful exploitation allows creation of unauthorized agent sessions, leading to high integrity impacts through improper session management and high availability impacts via resource exhaustion from container and memory operations.

The vulnerability is addressed in Coral Server version 1.1.0, as detailed in the project's release notes and GitHub security advisory (GHSA-wqfm-hhqf-9hgp). Security practitioners should upgrade to 1.1.0 or later and review access controls on exposed API endpoints to prevent unauthorized session creation.
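A defender-side check for the behaviour described above, added here as an example that is not part of this record or of the Coral Server project: it parses a constructed, simplified access-log format (not Coral Server's own log format) and flags both any session creation accepted without credentials, which should not happen once 1.1.0 is deployed, and per-client bursts of such creations that match the T1499.003 exhaustion pattern.

```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample access-log lines (illustrative format, not Coral Server's own):
# "<ISO timestamp> <client ip> <method> <path> <status> auth=<bearer|none>"
SAMPLE_LOG = """\
2026-03-10T12:00:00Z 198.51.100.7 POST /api/v1/sessions 201 auth=bearer
2026-03-10T12:00:01Z 203.0.113.5 POST /api/v1/sessions 201 auth=none
2026-03-10T12:00:03Z 203.0.113.5 POST /api/v1/sessions 201 auth=none
2026-03-10T12:00:05Z 192.0.2.9 GET /api/v1/sessions 401 auth=none
2026-03-10T12:00:06Z 203.0.113.5 POST /api/v1/sessions 201 auth=none
2026-03-10T12:00:08Z 203.0.113.5 POST /api/v1/sessions 201 auth=none
2026-03-10T12:00:10Z 203.0.113.5 POST /api/v1/sessions 201 auth=none
2026-03-10T12:05:00Z 198.51.100.7 POST /api/v1/sessions 201 auth=bearer
"""
SESSIONS_PATH = "/api/v1/sessions"

def parse_line(line):
    """Split one log line into a dict; the timestamp becomes a datetime."""
    ts, ip, method, path, status, auth = line.split()
    return {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "ip": ip,
            "method": method, "path": path, "status": int(status),
            "auth": auth.split("=", 1)[1]}

def parse_log(text):
    return [parse_line(l) for l in text.splitlines() if l.strip()]

def unauthenticated_session_creations(events):
    """POSTs to the sessions endpoint accepted (2xx) with no credentials.
    After the 1.1.0 fix these should not occur; any hit means session
    creation is still reachable without authorization."""
    return [e for e in events if e["method"] == "POST" and e["path"] == SESSIONS_PATH
            and e["auth"] == "none" and 200 <= e["status"] < 300]

def session_creation_bursts(events, window_seconds=60, threshold=5):
    """Per source IP, flag any sliding window of `window_seconds` holding at
    least `threshold` unauthenticated session creations (the T1499.003-style
    flood against the container- and memory-spawning endpoint)."""
    recent, flagged = defaultdict(deque), {}
    for e in sorted(unauthenticated_session_creations(events), key=lambda e: e["ts"]):
        q = recent[e["ip"]]
        q.append(e["ts"])
        while (e["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            flagged[e["ip"]] = max(flagged.get(e["ip"], 0), len(q))
    return flagged
```

On the sample above, the authenticated client is never flagged, the unauthenticated GET is ignored, and 203.0.113.5 is reported with five accepted creations inside the window.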

Details

CWE(s): CWE-862 (Missing Authorization)

Affected Products

coralos
coral server
≤ 1.1.0

CVEs Like This One

CVE-2026-30968 (same product: Coralos Coral Server)
CVE-2026-30969 (same product: Coralos Coral Server)
CVE-2026-32441 (shared CWE-862)
CVE-2026-0490 (shared CWE-862)
CVE-2026-27468 (shared CWE-862)
CVE-2026-31921 (shared CWE-862)
CVE-2024-13655 (shared CWE-862)
CVE-2026-27388 (shared CWE-862)
CVE-2026-25317 (shared CWE-862)
CVE-2025-69340 (shared CWE-862)
