Package impact
Go / github.com/coder/coder
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46354 | critical | — | 9.5 | 11d ago | Coder: PKCS#7 signature bypass in Azure instance identity allows unauthenticated agent token theft | |||
| CVE-2026-45796 | medium | — | 5.5 | 11d ago | Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint |