Missing Origin Validation in WebSockets

Overview kanban is an A kanban foundation for coding agents Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets due to the lack of enforcement of origin and host policy. An attacker can gain unauthorized access to sensitive data and perform actions on behal...

CVE-2026-1692

A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker to lure a successfully authenticated user to a...

PT-2025-2806 · Flxeon · Flxeon

Name of the Vulnerable Software and Affected Versions: FLXEON versions through = 9.3.4 Description: The issue is related to a lack of origin validation in WebSockets, which allows unauthorized HTTPS requests due to insufficient session management. This can be exploited by a remote attacker to...

CVE-2023-26114

Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes. Exploiting this vulnerability can allow an adversary in specific scenarios to access data from and connect to the code-server instance...