CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

147 matches found

NVD•added 2026/05/26 10:16 p.m.•8 views

CVE-2026-44985

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: funcr http.Request bool return true , accepting upgrade requests from any origin. Combined with the JWT cookie using SameSite: Lax, this enables...

9.6CVSS0.00007EPSS

Exploits1References2

ATTACKERKB•added 2026/05/26 9:58 p.m.•5 views

CVE-2026-44985

8.7CVSS5.8AI score0.00007EPSS

Exploits1References3Affected Software1

EUVD•added 2026/05/13 9:32 p.m.•5 views

EUVD-2025-209829

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a cross-site origin WebSocket hijacking attack. Among other uses, the WDU utilizes WebSockets to control settings, including administrative settings. This allows a network attacker to take full control of a WDU. To initiate ...

5.6AI score0.00017EPSS

Exploits0References3

Github Security Blog•added 2026/05/07 2:34 a.m.•8 views

Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users

Summary Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to the user's dashboard and read their Kubernetes logs in real time. Thi...

6.5CVSS5.8AI score0.00006EPSS

Exploits0References3Affected Software2

OSV•added 2026/05/07 2:34 a.m.•2 views

GHSA-V8J7-HP7C-738F Kubetail has a Cross-Site WebSocket Hijacking issue that allows attacker to read Kubernetes logs from authenticated users

6.5CVSS5.8AI score0.00006EPSS

Exploits0References3

ATTACKERKB•added 2026/04/20 8:16 p.m.•1 views

CVE-2026-34403

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true, allowing Cross-Site WebSocket Hijacking CSWSH. Combined with the fact that authentication tokens...

6.9CVSS5.7AI score0.00043EPSS

Exploits1References3Affected Software1

NVD•added 2026/04/14 11:16 p.m.•1 views

CVE-2026-35589

nanobot is a personal AI assistant. Versions prior to 0.1.5 contain a Cross-Site WebSocket Hijacking CSWSH vulnerability exists in the bridge's WebSocket server in bridge/src/server.ts, resulting from an incomplete remediation of CVE-2026-2577. The original fix changed the binding from 0.0.0.0 to...

9.3CVSS0.0003EPSS

Exploits1References2

CVE•added 2026/04/14 10:47 p.m.•5 views

CVE-2026-35589

In nanobot versions before 0.1.5, the bridge’s WebSocket server (bridge/src/server.ts) binds to all interfaces (0.0.0.0) and does not validate the Origin header, enabling Cross-Site WebSocket Hijacking (CSWSH). Token authentication is disabled by default, allowing any website visited by a user to...

9.3CVSS7.4AI score0.0003EPSS

Exploits1References2Affected Software1

OSV•added 2026/03/12 8:32 p.m.•0 views

GHSA-5WCW-8JJV-M286 OpenClaw: Untrusted web origins can obtain authenticated operator.admin access in trusted-proxy mode

Summary In affected versions of openclaw, browser-originated WebSocket connections could bypass origin validation when gateway.auth.mode was set to trusted-proxy and the request arrived with proxy headers. A page served from an untrusted origin could connect through a trusted reverse proxy, inher...

8.1CVSS5.7AI score0.00021EPSS

Exploits0References5

Packet Storm•added 2026/02/02 12:0 a.m.•126 views

📄 Mailpit 1.28.1 Cross Site WebSocket Hijacking

A cross site websocket hijacking vulnerability exists in Mailpit versions 1.28.1 and below. The vulnerability allows remote attackers to intercept sensitive data such as email contents, headers, and server statistics in real-time. Mailpit - Cross-Site WebSocket Hijacking CSWSH Advisory ID:...

6.5CVSS5.1AI score0.00012EPSS

Exploits2

Github Security Blog•added 2026/01/13 3:11 p.m.•7 views

Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails

Summary The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally,...

6.5CVSS6.6AI score0.00012EPSS

Exploits2References4Affected Software1