Threat Feed

Tag: Websocket

22 briefs
high advisory

Tilt: Cross-site WebSocket Hijacking Vulnerability (CVE-2026-55883)

An attacker can exploit CVE-2026-55883, a Cross-site WebSocket Hijacking vulnerability in Tilt versions 0.24.0 through 0.37.3, by acquiring an unauthenticated CSRF token or bypassing Origin header checks, to establish a WebSocket connection to a network-exposed Tilt HUD and exfiltrate sensitive developer session state, Tiltfile contents, and resource statuses.

Tilt websocket hijacking CVE developer-tool web-vulnerability

medium advisory

Pipecat Telephony Runner Unauthenticated Call-Control Abuse

An unauthenticated remote attacker can leverage a missing authorization vulnerability (CWE-862) in the Pipecat development runner's `/ws` WebSocket endpoint to supply a crafted `callSid` in a handshake message, compelling the server to use its configured Twilio, Telnyx, or Plivo credentials to issue authenticated API requests that terminate active calls, resulting in denial of service and credential abuse.

pipecat development runner api-security websocket telephony cwe-862 python

high advisory

Next.js SSRF Vulnerability via WebSocket Upgrade Requests (CVE-2026-44578)

Next.js applications using WebSocket upgrades are vulnerable to server-side request forgery (SSRF) through crafted WebSocket upgrade requests, allowing attackers to proxy requests to internal or external destinations. Self-hosted applications running npm/next versions >= 13.4.13 and < 15.5.16, or >= 16.0.0 and < 16.2.5, are affected.

next.js ssrf cve-2026-44578 websocket server-side request forgery

high advisory

Dozzle Cross-Site WebSocket Hijacking (CSWSH) Vulnerability

Dozzle is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) due to a permissive CheckOrigin configuration and the use of SameSite=Lax for JWT cookies, allowing attackers on the same site to gain shell access to containers even with authentication enabled, tracked as CVE-2026-44985.

dozzle cswsh websocket authentication-bypass

high advisory

Bandit WebSocket permessage-deflate unbounded inflate leads to DoS

Bandit versions from 0.5.8 up to, but not including, 1.11.0 are vulnerable to denial of service when permessage-deflate is enabled: because inflation is unbounded, an unauthenticated client can exhaust the BEAM's memory with a single, small, compressed WebSocket frame.

bandit websocket denial-of-service erlang

medium advisory

OpenClaw Denial-of-Service via Oversized WebSocket Frames

OpenClaw versions prior to 2026.4.10 are vulnerable to a denial-of-service attack where remote attackers can send oversized WebSocket frames to the voice-call realtime path, causing service unavailability.

openclaw < 2026.4.10 denial-of-service websocket cve-2026-42437

high advisory

AV Stumpfl Pixera Two Media Server Code Injection Vulnerability

A remote code injection vulnerability exists in AV Stumpfl Pixera Two Media Server versions up to 25.2 R2 due to improper handling within the Websocket API, potentially allowing unauthenticated attackers to execute arbitrary code.

Pixera Two Media Server code-injection websocket cve-2026-7703

medium advisory

OpenClaw Unauthenticated WebSocket Denial-of-Service Vulnerability

OpenClaw before 2026.3.28 is vulnerable to a denial-of-service attack by accepting unbounded concurrent unauthenticated WebSocket upgrades, allowing attackers to exhaust server resources.

OpenClaw denial-of-service websocket cve

critical advisory

PraisonAI Unauthenticated Remote Session Hijacking Vulnerability (CVE-2026-40289)

PraisonAI versions before 4.5.139 and praisonaiagents versions before 1.5.140 are vulnerable to unauthenticated remote session hijacking due to missing authentication and a bypassable origin check on the /ws WebSocket endpoint, enabling unauthorized remote control and data leakage.

cve-2026-40289 websocket remote-code-execution praisonai

high advisory

PraisonAI Unauthenticated WebSocket Allows Resource Exhaustion

PraisonAI before version 4.5.128 is vulnerable to resource exhaustion and API credit draining due to the `/media-stream` WebSocket endpoint accepting unauthenticated connections, allowing attackers to exhaust server resources and drain OpenAI API credits.

cve-2026-40116 resource-exhaustion websocket api-abuse cloud

high advisory

Mesop Framework WebSocket Denial-of-Service Vulnerability (CVE-2026-34824)

An unauthenticated attacker can exploit an uncontrolled resource consumption vulnerability in Mesop versions 1.2.3 to 1.2.4 by sending a rapid succession of WebSocket messages, leading to thread exhaustion and a denial-of-service condition.

denial-of-service websocket cve-2026-34824

critical advisory

PraisonAI Gateway Unauthenticated Access Vulnerability

PraisonAI Gateway server versions prior to 4.5.97 allow unauthenticated access to WebSocket connections and agent topology, enabling unauthorized message sending and agent enumeration.

vulnerability authentication bypass websocket

high advisory

NATS Server WebSocket Frame Length Overflow Denial of Service

A vulnerability in NATS server allows a remote, unauthenticated attacker to cause a denial of service by sending a crafted WebSocket frame, leading to a server crash due to missing validation on WebSocket frame length.

nats websocket denial-of-service CVE-2026-27889 server-crash

critical advisory

Multiple Vulnerabilities in SWITCH EV Charging Stations

Multiple vulnerabilities in SWITCH EV (swtchenergy.com) charging stations could allow attackers to impersonate stations, hijack sessions, cause denial of service, and manipulate backend data, due to missing authentication, rate-limiting issues, session-expiration flaws, and exposed credentials.

electric-vehicle charging-station websocket

high advisory

PrefectHQ Prefect Authentication Bypass Vulnerability (CVE-2026-7723)

PrefectHQ Prefect versions up to 3.6.13 are vulnerable to an authentication bypass via manipulation of the /api/events/in WebSocket endpoint, potentially allowing remote attackers to execute unauthorized actions.

prefect CVE-2026-7723 authentication-bypass websocket prefecthq

medium advisory

Granian WebSocket Subprotocol Header Denial of Service

Granian versions 1.2.0 through 2.7.3 are vulnerable to an unauthenticated denial of service. Sending a WebSocket upgrade request with a `Sec-WebSocket-Protocol` header containing non-ASCII bytes causes a worker process to abort, leading to a denial of service.

granian denial-of-service websocket

medium advisory

Bandit WebSocket Memory Exhaustion Vulnerability

An unauthenticated attacker can exhaust server memory by sending unbounded WebSocket continuation frames in Bandit-fronted applications, leading to a denial of service.

Phoenix Channels +1 denial-of-service websocket memory-exhaustion

high advisory

Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking

Traccar GPS Tracking System 6.11.1 is vulnerable to Cross-Site WebSocket Hijacking (CSWSH), enabling attackers to steal sensitive GPS data by exploiting a lack of origin validation.

Traccar GPS Tracking System <= 6.11.1 cswsh websocket gps infostealer

high advisory

Signal K Server WebSocket Login Brute-Force Vulnerability

The Signal K server's WebSocket login endpoint lacks rate limiting, allowing attackers to bypass HTTP rate limiting by opening a WebSocket connection and attempting unlimited password guesses.

signalk-server credential-access brute-force websocket

critical advisory

Cline Kanban Server Cross-Origin WebSocket Hijacking Vulnerability

The `kanban` npm package, used by the `cline` CLI, has a cross-origin WebSocket hijacking vulnerability. Due to the lack of Origin header validation, any website can connect to the kanban server via WebSocket and leak sensitive data, hijack running AI agent terminals leading to remote code execution, or kill running agent tasks, resulting in information disclosure, RCE, and denial of service.

cline +1 websocket cross-origin rce infoleak dos

high advisory

DevSpace UI Server WebSocket Origin Validation Vulnerability

DevSpace's UI server WebSocket accepts connections from any origin, enabling attackers to read pod logs, reach interactive shells, and execute commands over cross-origin WebSocket connections; versions up to 6.3.20 are affected, and the issue is patched in 6.3.21.

DevSpace UI <= 6.3.20 websocket kubernetes vulnerability

high advisory

AVideo Unauthenticated Cross-User JavaScript Execution via YPTSocket Vulnerability

AVideo is vulnerable to unauthenticated cross-site scripting (XSS) due to an incomplete server-side fix for a YPTSocket `autoEvalCodeOnHTML` eval sink, allowing an attacker to bypass the fix by nesting the payload under a top-level `json` field, leading to arbitrary JavaScript execution in any logged-in user's browser session.

AVideo xss websocket vulnerability