Tag
high
advisory
Coder `coder open app` Session Token Leakage Vulnerability (CVE-2026-55431)
1 TTP 1 IOCA high-severity vulnerability, CVE-2026-55431, in the Coder CLI's `coder open app` command allows malicious workspace template authors to exfiltrate user session tokens via crafted external app URLs, leading to full account impersonation.
coder/coder/v2 +3
credential-access
vulnerability
cli-exploitation
token-leakage
coder
1t
1i
high
advisory
GitHub CLI Incorrectly Includes Authorization Header in API Requests
2 rules 1 TTP 3 IOCsGitHub CLI versions 2.92.0 and earlier incorrectly include authorization headers in API requests to TUF repository mirrors and external hosts when using the `gh attestation`, `gh release verify`, and `gh release verify-asset` commands, potentially exposing sensitive tokens.
cli/cli/v2 +1
github
cli
token leakage
api
2r
1t
3i
high
advisory
Oxia Bearer Token Exposure in Debug Logs
2 rules 1 TTPOxia exposes the full bearer token, including JWT header, payload, and signature, in debug log messages when OIDC authentication fails, allowing attackers with log access to replay the tokens.
Oxia
jwt
token leakage
credential access
2r
1t