<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Coder (Vulnerable: &gt;= 2.34.0, &lt; 2.34.2) - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/coder-vulnerable--2.34.0--2.34.2/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Mon, 06 Jul 2026 21:05:20 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/coder-vulnerable--2.34.0--2.34.2/feed.xml" rel="self" type="application/rss+xml"/><item><title>Coder's Workspace App Vulnerability Allows Cross-Workspace Agent Rebinding</title><link>https://feed.craftedsignal.io/briefs/2026-07-coder-workspace-rebind/</link><pubDate>Mon, 06 Jul 2026 21:05:20 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-coder-workspace-rebind/</guid><description>A critical authorization bypass vulnerability (CVE-2026-55429) exists in Coder's workspace application, allowing an attacker with template authorship or external provisioner access to rebind a victim's workspace app to their own agent, enabling them to proxy and compromise the victim's IDE and terminal sessions.</description><content:encoded><![CDATA[<p>A critical authorization bypass vulnerability, identified as CVE-2026-55429, has been discovered in Coder's workspace application versions prior to v2.34.2, v2.33.8, v2.32.7, and v2.29.17. The flaw resides in the <code>UpsertWorkspaceApp</code> and <code>insertAgentApp</code> functions, which fail to properly verify ownership of an app ID during the <code>CompleteJob</code> payload processing. This allows an attacker with pre-existing elevated access, specifically as a template author or external provisioner operator, to rebind a victim's workspace application to their own malicious agent. First disclosed by Anthropic's Security Team, this vulnerability enables attackers to intercept and proxy a victim's IDE and terminal sessions, leading to unauthorized access, data exposure, and potential compromise of development environments. Defenders must prioritize upgrading their Coder instances to the patched versions immediately to mitigate this severe risk.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Attacker gains elevated access:</strong> The attacker acquires &quot;template authorship&quot; or &quot;external provisioner operator&quot; privileges within the Coder environment, which is a prerequisite for exploitation.</li>
<li><strong>Victim app ID discovery:</strong> The attacker uses the Coder public API to identify and obtain the unique UUID of a target victim's workspace application.</li>
<li><strong>Attacker creates malicious agent:</strong> The attacker sets up their own workspace and agent, which will be used to intercept the victim's traffic.</li>
<li><strong>Craft <code>CompleteJob</code> payload:</strong> The attacker constructs a <code>CompleteJob</code> payload containing the victim's discovered app UUID and their own malicious agent ID.</li>
<li><strong>Submit payload:</strong> The attacker submits the crafted <code>CompleteJob</code> payload to the Coder system, leveraging their elevated provisioner permissions.</li>
<li><strong>Cross-workspace agent rebinding:</strong> The <code>UpsertWorkspaceApp</code> function, vulnerable to the ID conflict, overwrites the <code>agent_id</code> associated with the victim's app UUID, reassigning it to the attacker's agent ID.</li>
<li><strong>Traffic interception:</strong> Subsequent network traffic, including IDE and terminal sessions initiated by the victim for their workspace application, is transparently proxied to the attacker's workspace and agent.</li>
<li><strong>Session compromise:</strong> The attacker can now monitor, control, and potentially exfiltrate data from the victim's development environment sessions, leading to unauthorized access and data compromise.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-55429 allows an attacker with pre-existing elevated permissions to effectively hijack a victim's Coder workspace sessions. This means all activity within the victim's IDE and terminal, including sensitive data, code, credentials, and commands, can be monitored and manipulated by the attacker. This privilege escalation enables unauthorized access to intellectual property, potential insertion of malicious code, and broader compromise of development pipelines, affecting all users of vulnerable Coder instances across various sectors utilizing the platform for development environments.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Prioritize patching all Coder instances to versions v2.34.2, v2.33.8, v2.32.7, or v2.29.17 to remediate CVE-2026-55429.</li>
<li>Regularly review and limit permissions for &quot;template author&quot; and &quot;external provisioner operator&quot; roles to only essential personnel to reduce the attack surface for CVE-2026-55429.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>vulnerability</category><category>privilege-escalation</category><category>coder</category><category>application</category></item></channel></rss>