PT-2026-29360

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo YPTSocket plugin's caller feature renders incoming call notifications using the jQuery Toast Plugin, passing the caller's display name directly as the heading parameter. The toast plugin constructs the heading as...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from the failure to disconnect active WebSocket sessions when removing devices or tokens, allowing attackers...

PT-2026-29265

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description The software does not disconnect active WebSocket sessions when devices are removed or tokens are revoked. This allows attackers with revoked credentials to maintain unauthorized access through...

Fedora 43 : cpp-httplib (2026-e76feaf213)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e76feaf213 advisory. Update to 0.38.0 rhbz2447261 - Filename sanitization for path traversal prevention Added sanitizefilename to prevent path traversal attacks via malicious...

Fedora 44 : cpp-httplib (2026-03599f0b32)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-03599f0b32 advisory. Update to 0.38.0 rhbz2447261 - Filename sanitization for path traversal prevention Added sanitizefilename to prevent path traversal attacks via malicious...

CVE-2026-25627

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...

CVE-2026-25627

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...

CVE-2026-25627 nanomq: OOB Read / Crash (DoS) via Malformed MQTT Remaining Length over WebSocket

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...

EUVD-2026-17195

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...

CVE-2026-25627 nanomq: OOB Read / Crash (DoS) via Malformed MQTT Remaining Length over WebSocket

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...

CVE-2026-25627

CVE-2026-25627 affects NanoMQ (MQTT broker) where the MQTT-over-WebSocket transport could crash due to an out-of-bounds read when processing an MQTT packet with a deliberately large Remaining Length. The issue arises because the receive path copies Remaining Length bytes without ensuring the sock...

EUVD-2026-16719

AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket...

AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()

Summary The verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows captured or legitimately obtained tokens to provide permanent WebSocket...

Insufficient Session Expiration

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Insufficient Session Expiration through the verifyTokenSocket function in plugin/YPTSocket/functions.php. An attacker can maintain unauthorized WebSocket access an...

GHSA-2MG4-PFGX-64CF AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()

Summary The verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows captured or legitimately obtained tokens to provide permanent WebSocket...

NanoMQ 缓冲区错误漏洞

NanoMQ is a lightweight and fast MQTT Broker for IoT edge platforms. A buffer overflow vulnerability exists in NanoMQ versions prior to 0.24.8. The vulnerability stems from the MQTT-over-WebSocket transport failing to properly validate the receive buffer size when processing MQTT packets with...

EUVD-2026-16717

AVideo: IDOR in uploadPoster.php Allows Any Authenticated User to Overwrite Scheduled Live Stream Posters and Trigger False Socket Notifications...

AVideo: IDOR in uploadPoster.php Allows Any Authenticated User to Overwrite Scheduled Live Stream Posters and Trigger False Socket Notifications

Summary The plugin/Live/uploadPoster.php endpoint allows any authenticated user to overwrite the poster image for any scheduled live stream by supplying an arbitrary livescheduleid. The endpoint only checks User::isLogged but never verifies that the authenticated user owns the targeted schedule...

GHSA-G3HJ-MF85-679G AVideo: IDOR in uploadPoster.php Allows Any Authenticated User to Overwrite Scheduled Live Stream Posters and Trigger False Socket Notifications

Summary The plugin/Live/uploadPoster.php endpoint allows any authenticated user to overwrite the poster image for any scheduled live stream by supplying an arbitrary livescheduleid. The endpoint only checks User::isLogged but never verifies that the authenticated user owns the targeted schedule...

SUSE CVE-2026-2578

Mattermost versions 11.3.x = 11.3.0 fail to preserve the redacted state of burn-on-read posts during deletion which allows channel members to access unrevealed burn-on-read message contents via the WebSocket post deletion event.. Mattermost Advisory ID: MMSA-2026-00579...