CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-55435

mediumCVSS 5.4covered by 2 sourcesfirst seen 2026-07-06
Summary AI Bridge proxy endpoints authenticate via Server.IsAuthorized in coderd/aibridgedserver, which validates key format, expiry, secret and deleted or system users but does not check whether the account is suspended. Because suspension does not revoke existing API keys, a suspended user's unexpired token keeps working. Note: Practical impact is limited to already-issued API keys of suspended users until those keys are deleted. Impact A suspended user with a previously issued long-lived token could continue calling AI Bridge LLM proxy endpoints, consuming paid provider resources billed to the deployment and, if injected MCP tools are enabled, invoking those tools. Access persists until the token expires, which may be months after suspension. Patches The fix makes AI Bridge authorization reject non-active users like the standard API key middleware. AI Bridge was introduced in v2.30.0. The v2.29 ESR line is not affected. The fix is available in the following releases: | Release line | Patched version | |---|---| | 2.34 | v2.34.2 | | 2.33 | v2.33.8 | | 2.32 | v2.32.7 | Workarounds On suspension, delete the user's API keys via DELETE /api/v2/users/{user}/keys. Resources - Fix: #26173 Credits Coder would like to thank Anthropic's Security Team (ANT-2026-22446) for independently disclosing this issue!

⚡ Watch CVE-2026-55435

Get an email if CVE-2026-55435 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-55435

CVE.org record

Embed the live status

CVE-2026-55435 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-55435 status](https://www.csirts.com/badge/CVE-2026-55435)](https://www.csirts.com/cve/CVE-2026-55435)