Lucene search
K

5734 matches found

CVE
CVE
added 6 hours ago19 views

CVE-2026-23538

The CVE affects Feast: Feast Feature Server /ws/chat accepts unauthenticated, persistent WebSocket connections. An attacker can open many concurrent connections to exhaust memory, CPU, and file descriptors, causing DoS. Affected software: Feast (Python SDK context cited by SNYK for Feast >=0.1...

7.5CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 6 hours ago7 views

EUVD-2026-44838

A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...

7.5CVSS6.1AI score
Exploits0References3
CVE
CVE
added yesterday15 views

CVE-2026-54458

CVE-2026-54458 (AVideo YPTSocket XSS) affects WWBN’s AVideo with the YPTSocket plugin (versions prior to 29.0). The vulnerability is an unauthenticated stored DOM XSS: getWebSocket.json.php issues a signed WebSocket token; MessageSQLiteV2::onOpen reads webSocketSelfURI and page_title from the Web...

9.6CVSS6.3AI score
Exploits0References2
CVE
CVE
added yesterday22 views

CVE-2026-49279

CVE-2026-49279 (WWBN AVideo) describes a stored XSS in the WebSocket messaging system. The vulnerability arises because MessageSQLite.php only strips autoEvalCodeOnHTML from json["msg"], while msgToResourceId() favors json over msg, allowing an attacker to place the payload in json and bypass san...

7.7CVSS6.3AI score0.0013EPSS
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-59950

The MCP Python SDK (package name mcp on PyPI) contains a vulnerability in the deprecated mcp.server.websocket.websocket_server transport prior to version 1.28.1, which accepted WebSocket handshakes without Host or Origin header validation. This prevents restrictions on originating connections to ...

7.6CVSS6.1AI score
Exploits0References4
NVD
NVD
added yesterday5 views

CVE-2026-62389

ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...

8.7CVSS
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-44729

ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...

8.7CVSS6.1AI score
Exploits0References4
Cvelist
Cvelist
added yesterday10 views

CVE-2026-62389 ws < 8.21.1 Default maxFragments Allows Memory Exhaustion DoS

ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...

8.7CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2026-62389

ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...

8.7CVSS6.1AI score
Exploits0References5
CVE
CVE
added yesterday5 views

CVE-2026-62389

CVE-2026-62389 affects the ws WebSocket library up to version 8.21.0 (pre-8.21.1). Root cause: in lib/receiver.js, the fragment guard only triggers when fragment count reaches maxFragments, allowing memory exhaustion by sending incomplete fragmented messages; each fragment is stored as a separate...

8.7CVSS6.1AI score
Exploits0References4
RedHat Linux
RedHat Linux
added yesterday3 views

undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames

A flaw was found in undici. A malicious WebSocket server can exploit this by streaming numerous small or empty continuation frames. This can bypass per-frame and cumulative-size validation, leading to unbounded memory growth in the client process. The primary consequence is memory exhaustion,...

7.5CVSS6.9AI score0.00789EPSS
Exploits0References6
NVD
NVD
added 2 days ago4 views

CVE-2026-49854

Tornado is a Python web framework and asynchronous networking library. Prior to 6.5.6, the optional native extension tornado.speedups implemented websocketmask without validating that the mask argument is exactly four bytes, allowing the C function to read up to three bytes beyond the provided...

5.3CVSS0.0045EPSS
Exploits0References4
CVE
CVE
added 2 days ago77 views

CVE-2026-49854

Summary: Tornado’s optional native extension tornado.speedups mishandles the websocket_mask length, reading beyond a four-byte buffer when invoked through the XSRF token decoder with the extension active. This out-of-bounds access affects Tornado up to version 6.5.5 and is fixed in 6.5.6. Impact:...

5.3CVSS6.1AI score0.0045EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-49854 Tornado: Out-of-bounds memory access in C extension

Tornado is a Python web framework and asynchronous networking library. Prior to 6.5.6, the optional native extension tornado.speedups implemented websocketmask without validating that the mask argument is exactly four bytes, allowing the C function to read up to three bytes beyond the provided...

5.3CVSS0.0045EPSS
Exploits0References4
NVD
NVD
added 2 days ago4 views

CVE-2026-15709

A flaw was found in libsoup's WebSocket implementation when using the permessage-deflate extension. The extension's decompression loop inflate processes data in chunks without enforcing an upper boundary limit on the output buffer size. While libsoup limits the incoming compressed frame size via...

7.5CVSS0.00548EPSS
Exploits0References3
NVD
NVD
added 2 days ago3 views

CVE-2026-15711

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames e.g., PING, PONG, CLOSE contain a payload of 125 bytes or less. A remote, unauthenticated attacker...

7.5CVSS0.00431EPSS
Exploits0References3
CVE
CVE
added 2 days ago5 views

CVE-2026-15711

The CVE describes a vulnerability in libsoup’s WebSocket frame parsing. The flaw stems from failing to validate length rules for WebSocket control frames as specified in RFC 6455 §5.5, allowing an oversized control frame to be sent by a remote, unauthenticated attacker. The parser does not termin...

7.5CVSS6.1AI score0.00431EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-15711 Libsoup: soupwebsocketconnection: libsoup: websocket remote denial of service via oversized control frame protocol violation

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames e.g., PING, PONG, CLOSE contain a payload of 125 bytes or less. A remote, unauthenticated attacker...

7.5CVSS0.00431EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-15711

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames e.g., PING, PONG, CLOSE contain a payload of 125 bytes or less. A remote, unauthenticated attacker...

7.5CVSS6AI score0.00431EPSS
Exploits0References4
CVE
CVE
added 2 days ago7 views

CVE-2026-15709

The CVE concerns libsoup's WebSocket permessage-deflate implementation. The decompression loop (inflate()) can allocate memory without an upper bound, as output size is not bounded during decompression even though max_incoming_payload_size limits input frames. A separate check for decompressed si...

7.5CVSS6.1AI score0.00548EPSS
Exploits0References3
Rows per page
Query Builder