CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

Linux Distros Unpatched Vulnerability : CVE-2026-33219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a malicious client which c...

CVE-2026-33219 NATS is vulnerable to pre-auth DoS through WebSockets client service

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a malicious client which can connect to the WebSockets port can cause unbounded memory use in the nats-server before authentication; this requires sending a...

CVE-2026-1692

A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker to lure a successfully authenticated user to a...

CVE-2026-1692

PcVue (versions 12.0.0–16.3.3) contains a missing origin validation flaw in WebSockets within GraphicalData web services, specifically affecting the two endpoints GraphicalData/js/signalR/connect and GraphicalData/js/signalR/reconnect. The issue could allow a remote attacker to entice an authenti...

EUVD-2010-3253

Malware in sbrugna...

EUVD-2011-3074

Malware in sbrugna...

EUVD-2013-3286

Malware in sbrugna...

EUVD-2010-3250

Malware in sbrugna...

EUVD-2023-34332

Malicious code in bioql PyPI...

EUVD-2024-54844

Malicious code in bioql PyPI...

EUVD-2024-43246

Malicious code in bioql PyPI...

CVE-2024-51775

Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin. The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended ...

Apache Zeppelin: Missing Origin Validation in WebSockets vulnerability

Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin. The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended...

CVE-2024-51775

Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin. The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended...

CVE-2024-51775 Apache Zeppelin: Command Injection via CSWSH

Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin. The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended...

CVE-2024-48849

Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficient to prevent unauthorized HTTPS requests. This issue affects FLXEON: through = 9.3.4...

CVE-2024-48849 Authentication and Authorization Issues

Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficient to prevent unauthorized HTTPS requests. This issue affects FLXEON: through = 9.3.4...

CVE-2024-48849

CVE-2024-48849 affects ABB FLXeon devices (firmware

@agentlab/ldkg-ui-basetable (=0.1.1), @agentlab/ldkg-ui-charts (>=0.1.2 <=0.1.7) +163 more potentially affected by CVE-2021-32640 via ws (>=5.0.0 <=5.2.2)

ws NPM version =5.0.0, =0.1.2, =0.3.7, =0.1.8, =1.0.0, =1.0.0, =1.0.17-beta, =1.3.6, =0.1.0, =3.0.0, =3.0.0, =1.0.21, =1.0.27 and more Source cves: CVE-2021-32640 Source advisory: OSV:GHSA-6FC8-4GX4-V693...