Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file api_docs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. It is suggested to install a patch to address this issue. The pull request to fix this issue awaits acceptance.
Analysis (AI)
Server-side request forgery in Aider-AI Aider 0.86.3 allows authenticated remote attackers to make the application issue arbitrary HTTP requests to internal network resources, including cloud infrastructure metadata endpoints such as the AWS EC2 instance metadata service at 169.254.169.254. The URL scraping component accepts user-supplied URLs without validating whether the destination resolves to private RFC1918 or link-local address space, enabling an attacker to proxy requests through the Aider host. …
Vulnerability Assessment (AI)
| Exploitation | Exploitation requires a low-privilege authenticated session with the Aider instance, confirmed by the CVSS PR:L vector; unauthenticated exploitation is not possible based on available data. … |
| Risk Assessment | The base CVSS score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) reflects low-privilege authenticated exploitation with no interaction required over the network at low complexity. … |
| Exploit Scenario | An authenticated Aider user with any low-privilege account submits a scrape request with the URL `http://169.254.169.254/latest/meta-data/iam/security-credentials/` through Aider's normal web-content scraping interface. Aider issues the HTTP request from its host, retrieves the AWS IAM role credentials attached to the EC2 instance, and returns them to the attacker. … |
| Remediation | Apply the upstream fix from PR #5137 (https://github.com/Aider-AI/aider/pull/5137) once it is merged and a tagged release is cut; a formally released patched version number has not been confirmed in the available data, so monitor the repository for the merge and subsequent release. … |
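The missing destination check described in the analysis can be sketched as follows. This is an added example, not Aider's code and not the change in PR #5137; `vet_url`, `is_internal`, `BlockedDestination` and the resolver helpers are hypothetical names, and `SAMPLE_DNS` holds constructed answers so the block runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed DNS answers so the example runs offline (not real records).
SAMPLE_DNS = {"docs.example": ["93.184.216.34"],
              "rebind.example": ["93.184.216.34", "10.0.0.5"],
              "mapped.example": ["::ffff:169.254.169.254"]}


class BlockedDestination(ValueError):
    """The scraper must not fetch this URL."""


def sample_resolver(host, port):
    return SAMPLE_DNS.get(host, [host])  # IP literals map to themselves


def system_resolver(host, port):
    # Every address the name currently resolves to (A and AAAA).
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]


def is_internal(ip):
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) before classifying.
    ip = getattr(ip, "ipv4_mapped", None) or ip
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def vet_url(url, resolver=system_resolver):
    """Return the vetted public IPs for url, or raise BlockedDestination."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise BlockedDestination(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise BlockedDestination("URL has no host")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    addrs = [ipaddress.ip_address(a.split("%")[0])
             for a in resolver(parts.hostname, port)]
    if not addrs:
        raise BlockedDestination("host did not resolve")
    # Reject if ANY record is internal; a mixed answer can hide a rebind.
    bad = [str(a) for a in addrs if is_internal(a)]
    if bad:
        raise BlockedDestination(f"{parts.hostname} resolves to {bad}")
    return [str(a) for a in addrs]
```

The check only holds if the fetch then connects to one of the returned addresses and every redirect hop is vetted the same way; letting the HTTP client resolve the name a second time reopens the gap.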
EUVD-2026-33497
GHSA-hchg-qm84-cj9p