FLAT-I0P17 (CVE-2026-46354)
Insufficient data authenticity validation In github.com/coder/coder
8.1
High
Ecosystem: Go
Package: github.com/coder/coder
FLAT-IUGC1 (CVE-2026-45796)
Server-side request forgery (SSRF) In github.com/coder/coder
6.8
Medium
Ecosystem: Go
Package: github.com/coder/coder
FLAT-H7WC2 (CVE-2025-66411)
Sensitive information stored in logs In github.com/coder/coder
5.6
Medium
Ecosystem: Go
Package: github.com/coder/coder
FLAT-A1GMX (CVE-2025-58437)
Excessive privileges In github.com/coder/coder
6.2
Medium
Ecosystem: Go
Package: github.com/coder/coder
FLAT-RLMEV (GHSA-3rw9-wmc8-8948)
Insecure session management In github.com/coder/coder
0.6
Low
Ecosystem: Go
Package: github.com/coder/coder
FLAT-YUY1W (GHSA-wcx9-ccpj-hx3c)
Uncontrolled external site redirect In github.com/coder/coder
1.3
Low
Ecosystem: Go
Package: github.com/coder/coder
FLAT-K6D2G (CVE-2024-27918)
Lack of data validation In github.com/coder/coder/v2
6.7
Medium
Ecosystem: Go
Package: github.com/coder/coder/v2