Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Network-reachable service RPC needs only a low-privilege connection (PR:L) and no interaction; SSRF reaches backend resources beyond the component (S:C) with high read impact (C:H) and limited integrity effect.
Primary rating from Vendor (eclipse).
CVSS VectorVendor: eclipse
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller.
Because the destination URL is neither validated nor allowlisted, a remote attacker with access to the Theia service connection can issue server-side HTTP requests to localhost or other backend-reachable hosts and read their responses, exposing internal administrative endpoints, cloud instance metadata services, and other resources that are intentionally outside the browser network boundary.
The vulnerability affects deployments where the Theia service connection is reachable by untrusted users (for example, multi-tenant or publicly-reachable Theia deployments).
AnalysisAI
Server-side request forgery in Eclipse Theia (version 1.26.0 and later) lets a low-privileged user connected to the /services messaging endpoint coerce the backend into fetching an attacker-supplied URL and returning the full response body, exposing localhost admin interfaces and cloud instance metadata that sit behind the browser network boundary. The flaw is exploitable by any client with access to the Theia service connection, making multi-tenant and publicly-reachable deployments the primary concern. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires the Theia /services messaging endpoint (specifically the backend /services/request-service RPC) to be network-reachable by the attacker, and the attacker must hold a standard low-privilege connection to that service (CVSS PR:L, so authenticated at a low level per the vector). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor CVSS 3.1 score of 8.5 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N) reflects a network-reachable, low-complexity attack requiring only low privilege (any connected /services client) with a changed scope, since the impact reaches backend resources beyond the vulnerable component. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An untrusted user on a shared, internet-facing Theia instance connects to the /services endpoint and invokes request-service with a URL of http://169.254.169.254/latest/meta-data/iam/security-credentials/, receiving the cloud instance's temporary IAM credentials in the response body. They then reuse those credentials to access cloud resources, or point the same request-service at http://localhost admin panels to read configuration otherwise hidden behind the network boundary. … |
| Remediation | Consult the Eclipse Theia security advisory GHSA-2m57-xxmh-v696 (https://github.com/eclipse-theia/theia/security/advisories/GHSA-2m57-xxmh-v696) and the Eclipse tracker work item 446 for the fixed release; the provided data does not include an exact fixed version, so upgrade to the patched release named in that advisory once confirmed. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: identify all Eclipse Theia instances (1.26.0+) and classify by exposure level (public vs. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Eclipse Theia
View allCross-site WebSocket hijacking in Eclipse Theia's browser backend (versions 1.8.1 and later) lets a foreign-origin web p
Arbitrary command execution in Eclipse Theia versions prior to 1.69.0 allows a malicious repository to run host commands
Indirect prompt injection in Eclipse Theia before 1.71.0 allows a malicious repository to automatically override the AI
Indirect prompt injection in Eclipse Theia versions prior to 1.71.0 allows attackers who control a workspace's filesyste
Unconstrained Markdown image rendering in Eclipse Theia's AI chat component, in all versions prior to 1.71.0, enables si
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41531