CVE Vulnerability Details: CVE-2026-10055
PUBLISHED
Assigner: eclipse
Assigner Org ID: e51fbebd-6053-4e49-959f-1b94eeb69a2c
Published At: 03 Jul, 2026 | 10:30
Updated At: 03 Jul, 2026 | 10:30
CVE Numbering Authority (CNA)

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the destination URL is neither validated nor allowlisted, a remote attacker with access to the Theia service connection can issue server-side HTTP requests to localhost or other backend-reachable hosts and read their responses, exposing internal administrative endpoints, cloud instance metadata services, and other resources that are intentionally outside the browser network boundary. The vulnerability affects deployments where the Theia service connection is reachable by untrusted users (for example, multi-tenant or publicly-reachable Theia deployments).

Affected Products
Vendor: Eclipse Foundation AISBL (Eclipse Foundation)
Product: Eclipse Theia
Default Status: unaffected
Affected Versions:
  • From 1.26.0 before 1.73.0 (semver)
Problem Types
Type: CWE
CWE ID: CWE-918
Description: CWE-918 Server-Side request forgery (SSRF)
Type: CWE
CWE ID: CWE-200
Description: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Metrics
Version: 3.1
Base score: 8.5
Base severity: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Impacts
CAPEC ID: CAPEC-664
Description: CAPEC-664 Server Side Request Forgery
Credits
reporter: Ziyue
reporter: Chenchen
reporter: Strick
reporter: Liyi
reporter: Maurice
References
Hyperlink: https://github.com/eclipse-theia/theia/security/advisories/GHSA-2m57-xxmh-v696
Resource: N/A
Hyperlink: https://gitlab.eclipse.org/security/vulnerability-reports/-/work_items/446
Resource: N/A