Coco Annotator

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-2109 MEDIUM POC This Month

Coco Annotator through version 0.11.1 contains an authorization bypass in the Delete Category Handler endpoint (/api/undo/) that allows authenticated attackers to manipulate category IDs and access or modify unauthorized data. The vulnerability requires valid credentials but can be exploited remotely with public exploit code available. No patch is currently available from the vendor.

Information Disclosure Coco Annotator
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2108 MEDIUM POC This Month

Coco Annotator versions up to 0.11.1. is affected by improper resource shutdown or release (CVSS 5.3).

Denial Of Service Coco Annotator
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-2109
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Coco Annotator through version 0.11.1 contains an authorization bypass in the Delete Category Handler endpoint (/api/undo/) that allows authenticated attackers to manipulate category IDs and access or modify unauthorized data. The vulnerability requires valid credentials but can be exploited remotely with public exploit code available. No patch is currently available from the vendor.

Information Disclosure Coco Annotator
NVD GitHub VulDB
CVE-2026-2108
EPSS 0% CVSS 5.3
MEDIUM POC This Month

Coco Annotator versions up to 0.11.1. is affected by improper resource shutdown or release (CVSS 5.3).

Denial Of Service Coco Annotator
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy