Product
critical
advisory
Coder Azure Instance Identity PKCS#7 Signature Bypass Leads to Unauthenticated Agent Token Theft (CVE-2026-46354)
3 rules, 3 TTPs
Coder is vulnerable to a PKCS#7 signature bypass in Azure instance identity (CVE-2026-46354), allowing unauthenticated agent token theft via a forged vmId, enabling access to Git SSH private keys, OAuth access tokens, and workspace secrets.
Coder v2 +4
pkcs7
azure
instance identity
signature bypass
unauthenticated access
credential theft
cve-2026-46354
coder
critical
advisory
Arcane Git Repository Authentication Bypass Leads to Credential Exfiltration and GitOps Tampering (CVE-2026-45625)
2 rules, 5 TTPs, 1 IOC
Arcane's REST API lacks proper admin authorization checks on Git repository management endpoints, allowing any authenticated user to exfiltrate stored Git credentials and tamper with GitOps configurations by redirecting credential requests to an attacker-controlled host.
arcane backend +2
credential-access
privilege-escalation
supply-chain-compromise
denial-of-service
information-disclosure
cloud
authentication-bypass