5758 matches found
EUVD-2026-45108
OpenClaw 2026.2.25 before 2026.5.26 allow a lower-trust caller or configured input path to bypass non-browser rate limits on WebSocket authentication attempts. When the affected feature is enabled and reachable by lower-trust input, this can consume gateway resources and reduce service availabili...
EUVD-2026-44798
MCP Python SDK: WebSocket server transport does not support Host/Origin validation...
CVE-2026-62963
CVE-2026-62963 affects Centrifugo prior to 6.8.4. The unidirectional WebSocket transport with uni_websocket.compression enabled did not cap output after decompression in ReadMessage (internal/websocket/conn.go advanceFrame), allowing unauthenticated requests to /connection/uni_websocket to trigge...
CVE-2026-54568 Microsoft UFO: Missing Authorization in DEVICE_INFO_REQUEST Allows a DEVICE Client to Read Another Device's system_info
Microsoft UFO open-source framework for intelligent automation across devices and platforms. From 3.0.0 until 3.0.6, a client connected to the UFO WebSocket server as a DEVICE could call DEVICEINFOREQUEST with another device's targetid and receive that device's server-side systeminfo through...
CVE-2026-54568
Microsoft UFO open-source framework for intelligent automation across devices and platforms. From 3.0.0 until 3.0.6, a client connected to the UFO WebSocket server as a DEVICE could call DEVICEINFOREQUEST with another device's targetid and receive that device's server-side systeminfo through...
CVE-2026-23538
A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...
CVE-2026-23538 Feast: resource exhaustion via websocket endpoint
A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...
CVE-2026-23538
The CVE affects Feast: Feast Feature Server /ws/chat accepts unauthenticated, persistent WebSocket connections. An attacker can open many concurrent connections to exhaust memory, CPU, and file descriptors, causing DoS. Affected software: Feast (Python SDK context cited by SNYK for Feast >=0.1...
CVE-2026-23538
A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...
EUVD-2026-44838
A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...
Linux Distros Unpatched Vulnerability : CVE-2026-62389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments,...
CVE-2026-54458
WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin of every administrator currently viewing a page th...
CVE-2026-49279
WWBN AVideo is an open source video platform. Versions 29.0 and below contain a Stored XSS vulnerability through the autoEvalCodeOnHTML parameter in the MessageSQLite WebSocket Handler. The MessageSQLite.php handler only strips autoEvalCodeOnHTML from $json'msg', but msgToResourceId reads from...
CVE-2026-54458
CVE-2026-54458 (AVideo YPTSocket XSS) affects WWBN’s AVideo with the YPTSocket plugin (versions prior to 29.0). The vulnerability is an unauthenticated stored DOM XSS: getWebSocket.json.php issues a signed WebSocket token; MessageSQLiteV2::onOpen reads webSocketSelfURI and page_title from the Web...
CVE-2026-59950
The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol MCP. Prior to 1.28.1, the deprecated mcp.server.websocket.websocketserver transport accepted WebSocket handshakes without applying Host or Origin header validation, leaving no SDK-level way to restric...
CVE-2026-49279
CVE-2026-49279 (WWBN AVideo) describes a stored XSS in the WebSocket messaging system. The vulnerability arises because MessageSQLite.php only strips autoEvalCodeOnHTML from json["msg"], while msgToResourceId() favors json over msg, allowing an attacker to place the payload in json and bypass san...
CVE-2026-59950
The MCP Python SDK (package name mcp on PyPI) contains a vulnerability in the deprecated mcp.server.websocket.websocket_server transport prior to version 1.28.1, which accepted WebSocket handshakes without Host or Origin header validation. This prevents restrictions on originating connections to ...
CVE-2026-62389
ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...
CVE-2026-62389 ws < 8.21.1 Default maxFragments Allows Memory Exhaustion DoS
ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...
CVE-2026-62389
CVE-2026-62389 affects the ws WebSocket library up to version 8.21.0 (pre-8.21.1). Root cause: in lib/receiver.js, the fragment guard only triggers when fragment count reaches maxFragments, allowing memory exhaustion by sending incomplete fragmented messages; each fragment is stored as a separate...