7 matches found
CVE-2026-58208
CVE-2026-58208 affects NATS Server. A WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when MQTT was not configured, allowing an unauthenticated client with WebSocket access to reach an uninitialized MQTT state and crash the server process. This iss...
CVE-2026-44670
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the kernel stores Attribute View AV / database names without any HTML escape, then a render template uses raw strings.ReplaceAlltpl, "$avName", nodeAvName to embed the name in HTML before pushing to all clients via...
PT-2026-37009
Name of the Vulnerable Software and Affected Versions OpenClaw version 2026.4.9 Description A denial of service issue exists in the voice-call realtime WebSocket path. The system accepts oversized frames without proper validation, allowing remote attackers to send these frames to cause service...
PT-2026-30768
Name of the Vulnerable Software and Affected Versions Vite versions 6.0.0 through 6.4.1, 7.3.2, and 8.0.5 Description Vite, a frontend tooling framework for JavaScript, had a flaw where the server.fs check was not enforced for the fetchModule method exposed in the Vite dev server’s WebSocket. If ...
EUVD-2026-11383
ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle...
OpenClaw Access Control Error Vulnerability (CNVD-2026-13588)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the fact that Browser Relay's /cdp WebSocket endpoint does not require an authentication token, which can be exploited by an attacker to connect in...
Malicious code in helmet-fastapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c1f805932ecbcd95197e98c6e2336eb773252abf5615fe135076d1848cb90395 Package contains hidden code adding a backdoor - a WebSocket path handler which will execute commands sent by an attacker knowing the path. In addition, it add...