5317 matches found
PT-2026-23535
Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.1.20 through 2026.2.0 moltbot versions 0.1.0 and earlier Description The Browser Relay /cdp WebSocket endpoint did not require authentication, allowing websites to connect via loopback and access sensitive data. Attacker...
📄 BeyondTrust Remote Support / Privileged Remote Access Remote Code Execution
A critical pre‑authentication remote code execution vulnerability identified as CVE-2026-1731 affects products from BeyondTrust, specifically Remote Support and Privileged Remote Access. The vulnerability allows an unauthenticated attacker to execute arbitrary commands on a vulnerable system by...
PT-2026-23547
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.2 Description The gateway WebSocket connect handshake allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity...
LightLLM 代码问题漏洞
LightLLM is an open-source language model inference and service framework developed by ModelTC. Versions of LightLLM 1.1.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from unauthenticated or improperly authenticated WebSocket endpoints exposed by PD master nodes, whi...
PT-2026-20952
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 Description The Gateway tool in OpenClaw accepted a tool-supplied gatewayUrl without sufficient restrictions, potentially causing the OpenClaw host to attempt outbound WebSocket connections to user-specifie...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the WebSocket component. An attacker can obtain sensitive information, including password hashes and MFA secrets, by triggering profile nickname updates or email verification events. Remediation Upgrade...
Information Exposure
Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Information Exposure via the WebSocket component. An attacker can obtain sensitive information, including password hashes and MFA secrets, by...
EUVD-2026-6101
The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...
Mattermost fails to sanitize sensitive data in WebSocket messages
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
EUVD-2025-206981
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
GHSA-PP9J-PF5C-659X Mattermost fails to sanitize sensitive data in WebSocket messages
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
CVE-2025-13821
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
CVE-2025-13821
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
CVE-2025-13821 User profile update exposes password hash and MFA secrets
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
CVE-2025-13821 User profile update exposes password hash and MFA secrets
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
CVE-2025-13821
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...
CVE-2025-13821
Mattermost servers of versions 10.11.x <= 10.11.9 , 11.1.x <= 11.1.2 , and 11.2.x
Command Injection
@signalk/set-system-time, is vulnerable to command injection. The vulnerability is due to unsafe construction of shell commands while processing navigation.datetime values via WebSocket delta messages, which allows an attacker with write access or unauthenticated access when security is disabled ...
CVE-2026-2577
The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...
CVE-2026-2577
The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...