CVE-2026-7681 Overview
CVE-2026-7681 is an authorization bypass in jsbroks COCO Annotator up to and including version 0.11.1. The flaw is in the Dataset API (backend/webserver/api/datasets.py): manipulating the DatasetId argument lets a caller act on a dataset it has no rights over, because the handler performs no per-resource authorization check. The weakness is classified as CWE-285 (Improper Authorization). Per the advisory, the issue is remotely exploitable without authentication or user interaction, exploit details have been published, and the vendor was contacted before disclosure but did not respond.
Critical Impact
Remote attackers can modify dataset resources without authentication, compromising the integrity and availability of annotation data managed by COCO Annotator deployments.
Affected Products
- jsbroks COCO Annotator versions up to and including 0.11.1
- Component: Dataset API (backend/webserver/api/datasets.py)
- Deployments exposing the COCO Annotator backend over the network
Discovery Timeline
- 2026-05-03 - CVE-2026-7681 published to NVD
- 2026-05-05 - Last updated in NVD database
Technical Details for CVE-2026-7681
Vulnerability Analysis
COCO Annotator is a web-based image annotation tool used to build training datasets for computer vision models; its backend is a Python Flask application. The vulnerability affects the dataset management endpoints implemented in backend/webserver/api/datasets.py. These handlers accept a dataset identifier (the DatasetId argument) from the client and act on it without verifying that the requesting user is authorized to operate on the referenced dataset.
Because the affected endpoints are reachable over the network and, per the advisory, require no authentication, an attacker can issue requests directly to the Dataset API and modify dataset records that belong to other users or projects. Confidentiality is not directly impacted; integrity and availability of dataset resources are.
Root Cause
The root cause is missing authorization enforcement on dataset operations. The handler trusts the DatasetId supplied in the request without confirming that the caller has rights over that dataset. This is a textbook CWE-285 failure: the caller's authentication state, the dataset's ownership, and per-resource permissions are never checked before a privileged operation is performed. A valid-looking identifier is not evidence of authorization; dataset identifiers can be guessed or enumerated.
Attack Vector
The attack vector is network-based and low complexity. An attacker sends a crafted HTTP request to a Dataset API endpoint, supplying an arbitrary DatasetId; the server processes it without verifying ownership, so the attacker can alter that dataset's state. No credentials, tokens, or user interaction are required. Public disclosure of the technique in the researcher's GitHub vulnerability research repository lowers the barrier to exploitation.
No verified exploit code is available. See the disclosure repository for technical details:
https://github.com/natanmorette-thoropass/thoropass-vuln-research-program
Detection Methods for CVE-2026-7681
Indicators of Compromise
- Unexpected modifications, deletions, or metadata changes to datasets in COCO Annotator that do not correspond to authenticated user activity.
- State-changing HTTP requests (POST, PUT, DELETE) to /api/dataset/<DatasetId> endpoints that carry no session cookie, or that originate from unusual IP addresses.
- Dataset change records (where your deployment keeps them) with gaps, or entries lacking a valid associated user identifier.
Detection Strategies
- Inspect web server and application logs for requests to Dataset API routes that lack a valid session cookie or Authorization header; a 2xx response to such a request is the strongest indicator, since a 401 or 403 means the control held.
- Correlate dataset state changes with user authentication events to identify modifications without a corresponding logged-in user.
- Review reverse proxy logs for high request volume targeting dataset identifiers in sequential or enumerated patterns.
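As an added example (not from the original page or the COCO Annotator project), the detection strategies above are run over a few constructed reverse-proxy log lines. The log format is an assumed nginx-style format whose final quoted field is the session cookie value ("-" when absent; the stock nginx config shipped with COCO Annotator does not log this, so you would add a log_format that does), and the /api/dataset/<id> route shape is taken from the indicators above. Function names, thresholds and addresses are illustrative.

```python
"""Scan proxy access logs for CVE-2026-7681-style abuse of the Dataset API.

Two signals: state-changing requests to /api/dataset/<id> that carry no session
cookie (a 2xx status means the missing check was actually bypassed), and one
source walking dataset ids in sequence. Constructed sample data, assumed format.
"""
import re
from collections import defaultdict

# Assumed nginx-style log_format; the last quoted field is $cookie_session ("-" if absent).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "(?P<session>[^"]*)"$'
)
# Route shape taken from the advisory's /api/dataset/<DatasetId> indicator.
DATASET_RE = re.compile(r"^/api/dataset/(?P<id>\d+)(?:[/?]|$)")
MUTATING = {"POST", "PUT", "PATCH", "DELETE"}
ENUM_MIN_STEPS = 3  # flag a source once it has touched four consecutive ids

# Constructed sample: 203.0.113.7 mutates datasets 12-15 with no session (the last
# one is refused); a logged-in user at 198.51.100.20 works on their own dataset 3.
SAMPLE_LOG = """\
203.0.113.7 - - [03/May/2026:10:00:01 +0000] "GET /api/dataset/ HTTP/1.1" 200 512 "-"
203.0.113.7 - - [03/May/2026:10:00:02 +0000] "POST /api/dataset/12 HTTP/1.1" 200 81 "-"
203.0.113.7 - - [03/May/2026:10:00:03 +0000] "DELETE /api/dataset/13 HTTP/1.1" 200 81 "-"
203.0.113.7 - - [03/May/2026:10:00:04 +0000] "POST /api/dataset/14 HTTP/1.1" 200 81 "-"
203.0.113.7 - - [03/May/2026:10:00:05 +0000] "POST /api/dataset/15 HTTP/1.1" 403 47 "-"
198.51.100.20 - - [03/May/2026:10:01:00 +0000] "POST /api/dataset/3 HTTP/1.1" 200 81 "c0ffee42"
198.51.100.20 - - [03/May/2026:10:01:05 +0000] "GET /api/dataset/3/data HTTP/1.1" 200 4096 "c0ffee42"
"""


def parse_line(line):
    """Parse one access-log line into a dict, or None if it does not match LOG_RE."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["authenticated"] = rec["session"] not in ("", "-")
    dm = DATASET_RE.match(rec["path"])
    rec["dataset_id"] = int(dm.group("id")) if dm else None
    return rec


def sequential_steps(ids):
    """Count adjacent pairs in the sorted, de-duplicated ids that differ by exactly one."""
    s = sorted(set(ids))
    return sum(1 for a, b in zip(s, s[1:]) if b - a == 1)


def analyze(lines):
    """Return findings: one per unauthenticated mutation, plus one per enumerating source."""
    findings = []
    ids_by_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["dataset_id"] is None:
            continue
        ids_by_ip[rec["ip"]].append(rec["dataset_id"])
        if rec["method"] in MUTATING and not rec["authenticated"]:
            findings.append({
                "kind": "unauthenticated_mutation",
                "ip": rec["ip"],
                "method": rec["method"],
                "dataset_id": rec["dataset_id"],
                # 2xx here means the server accepted a mutation with no session: the bypass worked.
                "bypassed": 200 <= rec["status"] < 300,
            })
    for ip, ids in ids_by_ip.items():
        if sequential_steps(ids) >= ENUM_MIN_STEPS:
            findings.append({"kind": "enumeration", "ip": ip, "dataset_ids": sorted(set(ids))})
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG.splitlines()):
        print(finding)
```

Feed it your real proxy log (one line per call to analyze) and treat "bypassed": True findings as confirmed tampering to reconcile against backups; the enumeration signal is noisier and is best used to pick which sources to look at first.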
Monitoring Recommendations
- Enable verbose request logging on the COCO Annotator backend, capturing source IP, request method, path, and authentication context.
- Place the application behind a reverse proxy that enforces authentication and logs every dataset endpoint request for review.
- Alert on anomalous dataset operations occurring outside of normal annotation workflow hours.
How to Mitigate CVE-2026-7681
Immediate Actions Required
- Restrict network exposure of COCO Annotator deployments to trusted internal networks or VPNs until a vendor patch is available.
- Place the application behind an authenticating reverse proxy that requires valid credentials before forwarding requests to the Dataset API.
- Audit existing datasets for unauthorized modifications and restore from backups where tampering is confirmed.
Patch Information
No official vendor patch is available at the time of publication. The vendor was contacted prior to public disclosure but did not respond. Organizations operating COCO Annotator should monitor the project repository for security updates and review the VulDB advisory for additional context.
Workarounds
- Add an authentication layer such as HTTP basic auth or OAuth2 proxy in front of the COCO Annotator backend to block unauthenticated requests.
- Apply network-level access controls (firewall rules, security groups) limiting access to the Dataset API to known client addresses (annotators and administrators).
- Implement application-level patches that validate dataset ownership against the authenticated user before processing requests to backend/webserver/api/datasets.py.
# Example: restrict the COCO Annotator backend (assumed to listen on TCP 5000) to localhost via iptables.
# Order matters: the loopback ACCEPT must precede the DROP. These rules are not persistent across
# reboots, and they do not cover ports published by Docker, whose traffic bypasses INPUT (use DOCKER-USER).
iptables -A INPUT -p tcp --dport 5000 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 5000 -j DROP
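As an added example (not COCO Annotator's code, and not a vendor fix, which does not exist at publication), here is the shape of the per-resource check the third workaround calls for, written in plain Python so it runs without Flask. The names (User, Dataset, authorize_dataset, hardened_rename), the in-memory store and the rename operation are assumptions for illustration; in a real deployment the same decision would sit in a decorator applied to every route in datasets.py, not just one.

```python
"""Per-resource authorization for dataset operations (illustrative, not COCO Annotator code).

Models the control missing in CVE-2026-7681. A handler must never act on a dataset
merely because the request names a valid id: authenticate the caller, resolve the
dataset, then check ownership, sharing or admin rights, in that order.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    username: str
    is_admin: bool = False


@dataclass
class Dataset:
    id: int
    owner: str
    name: str
    users: frozenset = frozenset()  # usernames the owner has shared the dataset with


class AuthError(Exception):
    """Carries the HTTP status the route should answer with."""

    def __init__(self, status, message):
        super().__init__(message)
        self.status = status
        self.message = message


def authorize_dataset(user, dataset_id, datasets, hide_existence=True):
    """Return the Dataset the caller may modify, or raise AuthError(401/403/404).

    hide_existence=True answers 404 instead of 403 to non-members, so the endpoint
    cannot be used to learn which ids exist (the enumeration pattern from the
    detection section).
    """
    if user is None:                       # unauthenticated caller (PR:N in the advisory)
        raise AuthError(401, "authentication required")
    ds = datasets.get(dataset_id)
    if ds is None:
        raise AuthError(404, "dataset not found")
    if user.is_admin or ds.owner == user.username or user.username in ds.users:
        return ds
    if hide_existence:
        raise AuthError(404, "dataset not found")
    raise AuthError(403, "not permitted on this dataset")


def vulnerable_rename(dataset_id, new_name, datasets):
    """The flawed shape: trusts the id from the request and never looks at the caller."""
    ds = datasets[dataset_id]
    ds.name = new_name
    return ds


def hardened_rename(user, dataset_id, new_name, datasets, hide_existence=True):
    """Same operation, gated on the per-resource check."""
    ds = authorize_dataset(user, dataset_id, datasets, hide_existence)
    ds.name = new_name
    return ds


def handle_rename(user, dataset_id, new_name, datasets, hide_existence=True):
    """Route-level wrapper: map the outcome to (status, JSON body) as a Flask view would."""
    try:
        ds = hardened_rename(user, dataset_id, new_name, datasets, hide_existence)
    except AuthError as exc:
        return exc.status, {"message": exc.message}
    return 200, {"id": ds.id, "name": ds.name}


def build_store():
    """Constructed in-memory stand-in for the datasets collection."""
    return {
        1: Dataset(1, owner="alice", name="street-scenes"),
        2: Dataset(2, owner="bob", name="drones", users=frozenset({"carol"})),
    }


if __name__ == "__main__":
    store = build_store()
    print(handle_rename(None, 1, "x", store))                     # status 401
    print(handle_rename(User("bob"), 1, "x", store))              # status 404, existence hidden
    print(handle_rename(User("alice"), 1, "renamed", store))      # status 200
    print(handle_rename(User("carol"), 2, "shared-edit", store))  # status 200 via sharing
    print(vulnerable_rename(2, "tampered", build_store()).name)   # anyone can do this
```

The point of the ordering is that the existence check happens after authentication and the permission check happens before any write; returning 404 to non-members trades a slightly less helpful error for an endpoint that does not confirm which identifiers are valid.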
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.


