PT-2026-5584

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.1.29 Description An authentication bypass issue exists in the WebSocket gateway of OpenClaw. The software fails to validate the user-supplied gatewayUrl parameter before initializing WebSocket connections. This...

CVE-2026-21883 Bokeh server applications have Incomplete Origin Validation in WebSockets

Bokeh is an interactive visualization library written in Python. In versions 3.8.1 and below, if a server is configured with an allowlist e.g., dashboard.corp, an attacker can register a domain like dashboard.corp.attacker.com or use a subdomain if applicable and lure a victim to visit it. The...

EUVD-2020-8233

Malware in sbrugna...

EUVD-2020-8232

Malware in sbrugna...

EUVD-2019-15106

Malware in sbrugna...

EUVD-2024-54339

Malicious code in bioql PyPI...

EUVD-2024-17392

Malicious code in bioql PyPI...

libsoup: Denial of Service attack to websocket server

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

CVE-2022-24968

In Mellium mellium.im/xmpp through 0.21.0, an attacker capable of spoofing DNS TXT records can redirect a WebSocket connection request to a server under their control without causing TLS certificate verification to fail. This occurs because the wrong host name is selected during this verification...

Hitachi Energy's RTU500 series NULL Pointer Deference (CVE-2024-10037)

A vulnerability exists in the RTU500 web server com- ponent that can cause a denial of service to the RTU500 CMU application if a specially crafted mes- sage sequence is executed on a WebSocket connec- tion. An attacker must be properly authenticated and the test mode function of RTU500 must be...

CVE-2024-10037

A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled...

CVE-2024-10037

A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled...

CVE-2024-10037

CVE-2024-10037 affects Hitachi Energy RTU500 web server component and can cause a denial of service to the RTU500 CMU application when a specially crafted WebSocket message sequence is processed. Exploitation requires proper authentication and the RTU500 test mode to be enabled; the affected CMU ...

CVE-2024-10037

A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled...

CVE-2024-10037

A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled...

Cybele Software Thinfinity Workspace 安全漏洞

Cybele Software Thinfinity Workspace is an integrated solution for virtualizing applications, desktops, data and accessing any host from a unified portal from Cybele Software, USA. A security vulnerability exists in Cybele Software Thinfinity Workspace prior to v7.0.2.113 that stems from an acces...

Could not open websocket connection please try by login again /nsconfig/sshd_config.

After Upgrade to 13.1 53.17, the customer is not able to do several actions in the Netscaler, including generate the support bundle from the GUI or connect to the CLI through the GUI, error: Could not open websocket connection. Please try by login again...

SSLVPN error "Websocket connection failed: Connection closed before receiving a handshake responser"

After VPN tunnel established to NetScaler gateway, user encounter access issue s to backend server with error message: "Websocket connection to 'ws:///ws/notification/site-msg/' failed: Connection closed before receiving a handshake responser"...

HTML5 external users are not able to launch applications via Netscaler Gateway, Workspace works.

Users connecting externally are not able to launch connections with the Light HTML5 browser access but are able to launch with the Workspace App. Error displayed: "Citrix Workspace app cannot connect to the server. Please check your network connection or contact your help desk for assistance."...

Fortinet Fortigate Existing websocket connection persists after deleting API admin (FG-IR-23-028)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-028 advisory. - An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute...