{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/websocket/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7703"}],"_cs_exploited":false,"_cs_products":["Pixera Two Media Server (\u003c= 25.2 R2)"],"_cs_severities":["high"],"_cs_tags":["code-injection","websocket","cve-2026-7703"],"_cs_type":"advisory","_cs_vendors":["AV Stumpfl"],"content_html":"\u003cp\u003eA code injection vulnerability, tracked as CVE-2026-7703, has been identified in AV Stumpfl Pixera Two Media Server impacting versions up to 25.2 R2. The vulnerability resides within an unspecified function of the Websocket API component. Successful exploitation allows a remote attacker to inject and execute arbitrary code on the affected system. Given that an exploit has been published, the risk of exploitation is elevated. Organizations using the Pixera Two Media Server should upgrade to version 25.2 R3 or later to mitigate the risk. 
This vulnerability poses a significant threat to media production environments relying on the affected software.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable AV Stumpfl Pixera Two Media Server instance running a version prior to 25.2 R3.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious payload designed to exploit the code injection vulnerability within the Websocket API.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the malicious payload to the Pixera Two Media Server instance via a Websocket connection.\u003c/li\u003e\n\u003cli\u003eThe vulnerable function within the Websocket API fails to properly sanitize or validate the input.\u003c/li\u003e\n\u003cli\u003eThe malicious payload is processed, resulting in the injection of attacker-controlled code into the server\u0026rsquo;s process.\u003c/li\u003e\n\u003cli\u003eThe injected code executes with the privileges of the Pixera Two Media Server process.\u003c/li\u003e\n\u003cli\u003eThe attacker gains arbitrary code execution on the server, potentially leading to complete system compromise.\u003c/li\u003e\n\u003cli\u003eThe attacker can then install malware, exfiltrate sensitive data, or disrupt media server operations.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7703 can result in arbitrary code execution on the AV Stumpfl Pixera Two Media Server. This could allow an attacker to gain complete control over the server, potentially disrupting media presentations, stealing sensitive data, or using the compromised server as a launchpad for further attacks within the network. 
The impact is significant due to the critical role media servers play in various entertainment and presentation environments.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade AV Stumpfl Pixera Two Media Server to version 25.2 R3 or later to patch CVE-2026-7703 (reference: AV Stumpfl advisory).\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious Websocket connections originating from or targeting AV Stumpfl Pixera Two Media Servers using the \u0026ldquo;Detect Suspicious Pixera Websocket Activity\u0026rdquo; Sigma rule.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to limit the blast radius of a potential compromise of the Pixera Two Media Server.\u003c/li\u003e\n\u003cli\u003eReview and harden the configuration of the Pixera Two Media Server to minimize the attack surface.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-03T17:16:13Z","date_published":"2026-05-03T17:16:13Z","id":"/briefs/2026-05-pixera-code-injection/","summary":"A remote code injection vulnerability exists in AV Stumpfl Pixera Two Media Server versions up to 25.2 R2 due to improper handling within the Websocket API, potentially allowing unauthenticated attackers to execute arbitrary code.","title":"AV Stumpfl Pixera Two Media Server Code Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-pixera-code-injection/"},{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-41399"}],"_cs_exploited":false,"_cs_products":["OpenClaw"],"_cs_severities":["medium"],"_cs_tags":["denial-of-service","websocket","cve"],"_cs_type":"advisory","_cs_vendors":["OpenClaw"],"content_html":"\u003cp\u003eOpenClaw, in versions prior to 2026.3.28, suffers from a denial-of-service vulnerability due to a lack of pre-authentication budget allocation for WebSocket upgrades. 
This flaw allows unauthenticated network attackers to initiate a large number of concurrent WebSocket upgrade requests without any resource constraints. By exploiting this, an attacker can exhaust the server\u0026rsquo;s socket and worker capacity, effectively preventing legitimate clients from establishing WebSocket connections and disrupting normal service operation. This vulnerability poses a risk to any OpenClaw deployment accessible over a network, as it can be exploited without requiring any prior authentication or privileged access.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies an OpenClaw server accessible over the network.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a large number of WebSocket upgrade requests to the server. These requests are crafted to initiate the WebSocket handshake process.\u003c/li\u003e\n\u003cli\u003eThe OpenClaw server accepts these requests without pre-authentication checks or resource limits.\u003c/li\u003e\n\u003cli\u003eEach incoming WebSocket upgrade request consumes server resources, including sockets and worker threads.\u003c/li\u003e\n\u003cli\u003eThe attacker continues to flood the server with upgrade requests, rapidly exhausting available resources.\u003c/li\u003e\n\u003cli\u003eAs resources become scarce, the server\u0026rsquo;s ability to handle legitimate client requests degrades.\u003c/li\u003e\n\u003cli\u003eEventually, the server\u0026rsquo;s socket and worker capacity is fully exhausted, leading to a denial-of-service condition.\u003c/li\u003e\n\u003cli\u003eLegitimate clients are unable to establish WebSocket connections, disrupting application functionality.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability results in a denial-of-service condition, preventing legitimate users from accessing OpenClaw services. 
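\u003cp\u003eThe missing control in the chain above, as an added example rather than OpenClaw code: an admission budget that is charged before any socket or worker is committed to an upgrade, with a global cap on pending unauthenticated handshakes, a per-source cap so one address cannot drain the whole budget, and a deadline after which an unfinished handshake is reaped. The same shape addresses the unbounded /media-stream connections and the per-message thread spawning in the PraisonAI and Mesop briefs further down this page. Limits, addresses and the flood scenario are constructed for the example.\u003c/p\u003e
```python
import time
from collections import defaultdict


class UpgradeBudget:
    '''Admission control for WebSocket upgrades that have not authenticated yet.

    Two caps are checked before any socket or worker is committed: a global cap
    on in-flight pre-auth handshakes and a per-source cap so one address cannot
    drain the whole budget. A slot is released when the client authenticates
    or disconnects (release) or when its handshake deadline passes (reap), so a
    client that never finishes the handshake cannot pin a slot forever.
    The default limits are assumptions for the example, not product values.'''

    def __init__(self, global_limit=256, per_source_limit=8,
                 handshake_ttl=5.0, clock=time.monotonic):
        self.global_limit = global_limit
        self.per_source_limit = per_source_limit
        self.handshake_ttl = handshake_ttl
        self.clock = clock
        self.pending = {}                 # conn_id -> (source, deadline)
        self.per_source = defaultdict(int)

    def admit(self, conn_id, source):
        '''Reserve a slot and return True, or return False so the caller can
        answer 503 before spending a worker on the handshake.'''
        self.reap()
        if len(self.pending) >= self.global_limit:
            return False
        if self.per_source[source] >= self.per_source_limit:
            return False
        self.pending[conn_id] = (source, self.clock() + self.handshake_ttl)
        self.per_source[source] += 1
        return True

    def release(self, conn_id):
        '''Free the slot on authentication, close or expiry.'''
        entry = self.pending.pop(conn_id, None)
        if entry is None:
            return False
        source = entry[0]
        self.per_source[source] -= 1
        if self.per_source[source] == 0:
            del self.per_source[source]
        return True

    def reap(self):
        '''Expire handshakes past their deadline; returns how many were freed.'''
        now = self.clock()
        expired = [cid for cid, (_, deadline) in self.pending.items()
                   if deadline <= now]
        for cid in expired:
            self.release(cid)
        return len(expired)


def simulate_flood(budget, attacker='203.0.113.9', victim='198.51.100.7', attempts=50):
    '''Constructed scenario: one address opens many upgrades and never finishes
    them, then a legitimate client from another address tries to connect.
    Returns (upgrades the attacker got through, whether the victim got in).'''
    admitted = 0
    for i in range(attempts):
        if budget.admit(('attacker', i), attacker):
            admitted += 1
    victim_admitted = budget.admit(('victim', 0), victim)
    return admitted, victim_admitted


if __name__ == '__main__':
    print(simulate_flood(UpgradeBudget()))   # (8, True): the per-source cap held
```
\u003cp\u003eThe budget must be consulted in the HTTP layer that sees the Upgrade request, not after the WebSocket object exists: the point of the fix in 2026.3.28 is that the cost of an unauthenticated handshake is bounded before resources are allocated. Releasing on authentication lets authenticated sessions be governed by their own, larger, limits.\u003c/p\u003e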
The number of affected users depends on the scale of the OpenClaw deployment and the number of concurrent users it typically supports. Organizations relying on OpenClaw for critical functions could experience significant disruption for as long as the service is unavailable. The vulnerability allows a single attacker to disrupt the service without requiring any credentials or prior access.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade OpenClaw to version 2026.3.28 or later to remediate the vulnerability (CVE-2026-41399).\u003c/li\u003e\n\u003cli\u003eImplement rate limiting and a per-source cap on WebSocket upgrade requests, enforced before any socket or worker is committed to the handshake, to mitigate the impact of malicious requests. Deploy the Sigma rule \u003ccode\u003eDetect Excessive WebSocket Upgrade Requests\u003c/code\u003e to identify suspicious activity.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for a high volume of WebSocket upgrade requests originating from a single source IP address. 
Use the Sigma rule \u003ccode\u003eDetect High Volume of WebSocket Upgrade Requests from Single IP\u003c/code\u003e to detect this pattern.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-28T19:37:43Z","date_published":"2026-04-28T19:37:43Z","id":"/briefs/2026-04-openclaw-dos/","summary":"OpenClaw before 2026.3.28 is vulnerable to a denial-of-service attack by accepting unbounded concurrent unauthenticated WebSocket upgrades, allowing attackers to exhaust server resources.","title":"OpenClaw Unauthenticated WebSocket Denial-of-Service Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-openclaw-dos/"},{"_cs_actors":[],"_cs_cves":[{"cvss":9.1,"id":"CVE-2026-40289"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["cve-2026-40289","websocket","remote-code-execution","praisonai"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003ePraisonAI, a multi-agent team system, is affected by a critical vulnerability (CVE-2026-40289) in versions prior to 4.5.139 and praisonaiagents versions prior to 1.5.140. The vulnerability lies in the browser bridge component (\u0026ldquo;praisonai browser start\u0026rdquo;), which lacks proper authentication and has a bypassable origin check on its /ws WebSocket endpoint. The server, binding to 0.0.0.0 by default, inadequately validates the Origin header, permitting connections from non-browser clients omitting this header. This flaw allows an unauthenticated attacker to remotely hijack sessions and broadcast automation actions and outputs. This can lead to unauthorized remote control of connected browser automation sessions, leakage of sensitive page context and automation results, and misuse of model-backed browser actions. 
Defenders must prioritize patching affected systems to mitigate this severe risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable PraisonAI instance with network access to the browser bridge component.\u003c/li\u003e\n\u003cli\u003eAttacker establishes a direct WebSocket connection to the /ws endpoint of the browser bridge, omitting the Origin header to bypass the weak origin check.\u003c/li\u003e\n\u003cli\u003eAttacker sends a \u0026ldquo;start_session\u0026rdquo; message to the WebSocket endpoint.\u003c/li\u003e\n\u003cli\u003eThe server routes the attacker\u0026rsquo;s \u0026ldquo;start_session\u0026rdquo; request to the first idle browser-extension WebSocket, effectively hijacking that session.\u003c/li\u003e\n\u003cli\u003eThe hijacked browser session begins executing commands dictated by the attacker.\u003c/li\u003e\n\u003cli\u003eAll automation actions and outputs resulting from the hijacked session are broadcast back to the attacker via the WebSocket connection.\u003c/li\u003e\n\u003cli\u003eAttacker gains unauthorized remote control of the connected browser automation session.\u003c/li\u003e\n\u003cli\u003eAttacker exfiltrates sensitive data and/or misuses model-backed browser actions.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-40289 can lead to complete compromise of PraisonAI browser automation sessions. An attacker can gain unauthorized remote control, potentially leading to leakage of sensitive page context and automation results. Furthermore, they can misuse model-backed browser actions. The vulnerability affects all environments where the bridge is network-reachable. 
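\u003cp\u003eThe origin check the chain above bypasses, written out as an added example (illustrative code, not code from the PraisonAI bridge): weak_origin_check() reproduces the pattern of validating Origin only when it is present, strict_origin_check() refuses a missing or malformed header, and admit_handshake() adds a bearer token, because Origin is set freely by non-browser clients and is never authentication on its own. The allowlist, token and header dictionaries are constructed for the example.\u003c/p\u003e
```python
import hmac
from urllib.parse import urlsplit

# Constructed allowlist: the only browser origin expected to reach the bridge.
ALLOWED_ORIGINS = {'http://127.0.0.1:8000'}


def weak_origin_check(headers):
    '''The pattern the brief describes: Origin is validated only when present.
    A scripted client that omits the header is waved straight through.'''
    origin = headers.get('origin')
    if origin is None:
        return True
    return origin in ALLOWED_ORIGINS


def strict_origin_check(headers):
    '''Require the header and compare a normalised scheme://host[:port]
    against the allowlist. Rejects a missing header, the literal value null,
    and anything that is not an http(s) origin.'''
    origin = headers.get('origin')
    if origin is None:
        return False
    parts = urlsplit(origin)
    if parts.scheme not in ('http', 'https') or not parts.netloc:
        return False
    return parts.scheme + '://' + parts.netloc.lower() in ALLOWED_ORIGINS


def admit_handshake(headers, expected_token):
    '''Admission decision for the /ws upgrade: strict origin check plus a
    bearer token the bridge is assumed to have issued to its own extension.
    Origin alone is not authentication, since any non-browser client can
    send whatever Origin it likes; the token is what actually gates access.'''
    if not strict_origin_check(headers):
        return False
    scheme, _, token = headers.get('authorization', '').partition(' ')
    if scheme.lower() != 'bearer' or not token:
        return False
    return hmac.compare_digest(token, expected_token)   # constant-time compare


# Constructed handshakes (header names lower-cased, as most servers expose them).
EXTENSION_HANDSHAKE = {
    'origin': 'http://127.0.0.1:8000',
    'authorization': 'Bearer s3cr3t-bridge-token',
}
SCRIPTED_CLIENT = {'user-agent': 'python-websockets'}   # no Origin header at all
FORGED_ORIGIN = {'origin': 'http://127.0.0.1:8000'}     # right Origin, no token
```
\u003cp\u003eweak_origin_check(SCRIPTED_CLIENT) returns True, which is step 2 of the chain; strict_origin_check() rejects the same handshake, and admit_handshake() also rejects FORGED_ORIGIN, a client that sets the expected Origin but has no token. Binding the bridge to 127.0.0.1 instead of 0.0.0.0 is the complementary fix, since it removes the network reachability the chain starts from.\u003c/p\u003e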
The severity is critical (CVSS 9.1), as the flaw gives an unauthenticated remote client control of the browser automation session driven by the PraisonAI extension.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade PraisonAI to version 4.5.139 or later, and praisonaiagents to version 1.5.140 or later to patch CVE-2026-40289.\u003c/li\u003e\n\u003cli\u003eMonitor network connections to the /ws endpoint on PraisonAI servers (logsource category: network_connection, product: windows/linux). Note that network_connection events record only addresses and ports; the /ws path and the Origin header are visible only in reverse-proxy or application logs.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule that flags WebSocket handshakes to /ws carrying no Origin header (see the rule published with the brief).\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to limit network access to the PraisonAI browser bridge component, or bind the bridge to a loopback address rather than 0.0.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-14T04:18:47Z","date_published":"2026-04-14T04:18:47Z","id":"/briefs/2026-04-praisonai-rce/","summary":"PraisonAI versions before 4.5.139 and praisonaiagents versions before 1.5.140 are vulnerable to unauthenticated remote session hijacking due to missing authentication and a bypassable origin check on the /ws WebSocket endpoint, enabling unauthorized remote control and data leakage.","title":"PraisonAI Unauthenticated Remote Session Hijacking Vulnerability (CVE-2026-40289)","url":"https://feed.craftedsignal.io/briefs/2026-04-praisonai-rce/"},{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-40116"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-40116","resource-exhaustion","websocket","api-abuse","cloud"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003ePraisonAI, a multi-agent teams system, contains a vulnerability in versions prior to 4.5.128 that exposes the \u003ccode\u003e/media-stream\u003c/code\u003e WebSocket endpoint in its call module. 
This endpoint lacks authentication or Twilio signature validation, allowing any client to establish a connection. Each successful connection initiates an authenticated session to OpenAI\u0026rsquo;s Realtime API, utilizing the server\u0026rsquo;s API key. Due to the absence of rate limits, connection limits, or message size restrictions, a malicious actor can exploit this vulnerability by creating numerous concurrent connections. This can lead to the exhaustion of server resources and a significant drain on the victim\u0026rsquo;s OpenAI API credits. This vulnerability is addressed and patched in version 4.5.128.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a PraisonAI instance running a vulnerable version (prior to 4.5.128).\u003c/li\u003e\n\u003cli\u003eAttacker establishes a WebSocket connection to the \u003ccode\u003e/media-stream\u003c/code\u003e endpoint of the PraisonAI instance without providing any authentication credentials.\u003c/li\u003e\n\u003cli\u003eThe PraisonAI server, upon receiving the unauthenticated WebSocket connection, creates an authenticated session with the OpenAI Realtime API using its own API key.\u003c/li\u003e\n\u003cli\u003eAttacker sends a large volume of messages through the WebSocket connection, exploiting the lack of message rate limits.\u003c/li\u003e\n\u003cli\u003eAttacker initiates multiple concurrent WebSocket connections to the \u003ccode\u003e/media-stream\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe PraisonAI server becomes overloaded due to the excessive number of connections and message processing demands.\u003c/li\u003e\n\u003cli\u003eThe victim\u0026rsquo;s OpenAI API credits are rapidly depleted as the PraisonAI server processes requests from the attacker\u0026rsquo;s connections.\u003c/li\u003e\n\u003cli\u003eThe PraisonAI server experiences degraded performance or becomes completely unresponsive, impacting legitimate 
users.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability results in resource exhaustion on the PraisonAI server, potentially causing denial of service for legitimate users. Furthermore, it leads to the unauthorized consumption of the victim\u0026rsquo;s OpenAI API credits, resulting in unexpected charges and potential disruption of services reliant on the OpenAI API. The number of affected organizations depends on the prevalence of vulnerable PraisonAI instances deployed.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade PraisonAI installations to version 4.5.128 or later to patch CVE-2026-40116.\u003c/li\u003e\n\u003cli\u003eImplement rate limiting on WebSocket connections to the \u003ccode\u003e/media-stream\u003c/code\u003e endpoint to mitigate resource exhaustion.\u003c/li\u003e\n\u003cli\u003eMonitor OpenAI API usage for unexpected spikes in activity that may indicate exploitation of this vulnerability.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetectSuspiciousPraisonAIWebSocketConnections\u003c/code\u003e to identify potential exploitation attempts by detecting a high number of connections to the \u003ccode\u003e/media-stream\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-09T22:16:35Z","date_published":"2026-04-09T22:16:35Z","id":"/briefs/2026-04-praisonai-websocket-vuln/","summary":"PraisonAI before version 4.5.128 is vulnerable to resource exhaustion and API credit draining due to the `/media-stream` WebSocket endpoint accepting unauthenticated connections, allowing attackers to exhaust server resources and drain OpenAI API credits.","title":"PraisonAI Unauthenticated WebSocket Allows Resource 
Exhaustion","url":"https://feed.craftedsignal.io/briefs/2026-04-praisonai-websocket-vuln/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["denial-of-service","websocket","cve-2026-34824"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eMesop, a Python-based UI framework, is vulnerable to a denial-of-service (DoS) attack due to uncontrolled resource consumption in its WebSocket implementation. Specifically, versions 1.2.3 and 1.2.4 are affected. An unauthenticated attacker can exploit this vulnerability (CVE-2026-34824) by sending a rapid succession of WebSocket messages. The server, in turn, spawns an unbounded number of operating system threads to handle these messages. This leads to thread exhaustion and Out of Memory (OOM) errors, effectively crashing the Mesop application and causing a complete DoS. The vulnerability was patched in version 1.2.5, so upgrading is the primary mitigation. This DoS can impact any application built on the vulnerable versions of the framework.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a Mesop application running a vulnerable version (1.2.3 or 1.2.4).\u003c/li\u003e\n\u003cli\u003eThe attacker establishes a WebSocket connection to the Mesop application server.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts and sends a high volume of WebSocket messages to the server.\u003c/li\u003e\n\u003cli\u003eThe server attempts to process each message by spawning a new OS thread.\u003c/li\u003e\n\u003cli\u003eThe rapid influx of messages causes the server to spawn threads at an unsustainable rate.\u003c/li\u003e\n\u003cli\u003eThe server\u0026rsquo;s thread pool becomes exhausted, preventing it from servicing legitimate requests.\u003c/li\u003e\n\u003cli\u003eThe server\u0026rsquo;s memory usage increases dramatically as it attempts to manage the excessive 
threads.\u003c/li\u003e\n\u003cli\u003eThe server runs out of memory (OOM) and crashes, resulting in a denial-of-service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-34824 results in a complete denial-of-service for applications built on the Mesop framework. This can lead to downtime, loss of productivity, and potential reputational damage. The impact is particularly severe for critical applications that rely on the Mesop framework for availability. While specific victim numbers are unavailable, any organization using Mesop versions 1.2.3 or 1.2.4 is potentially vulnerable.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Mesop to version 1.2.5 or later to patch CVE-2026-34824.\u003c/li\u003e\n\u003cli\u003eImplement rate limiting on WebSocket connections to mitigate rapid message flooding.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Mesop Excessive WebSocket Connections\u003c/code\u003e to identify potential exploitation attempts based on network connection patterns.\u003c/li\u003e\n\u003cli\u003eMonitor server resource utilization (CPU, memory, threads) for Mesop applications and alert on unusual spikes to proactively identify potential DoS conditions.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-04T12:00:00Z","date_published":"2026-04-04T12:00:00Z","id":"/briefs/2026-04-mesop-dos/","summary":"An unauthenticated attacker can exploit an uncontrolled resource consumption vulnerability in Mesop versions 1.2.3 to 1.2.4 by sending a rapid succession of WebSocket messages, leading to thread exhaustion and a denial-of-service condition.","title":"Mesop Framework WebSocket Denial-of-Service Vulnerability 
(CVE-2026-34824)","url":"https://feed.craftedsignal.io/briefs/2026-04-mesop-dos/"},{"_cs_actors":[],"_cs_cves":[{"cvss":9.1,"id":"CVE-2026-34952"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["vulnerability","authentication bypass","websocket"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-34952 exposes a critical vulnerability in PraisonAI, a multi-agent teams system. Specifically, versions of the PraisonAI Gateway server prior to 4.5.97 lack authentication for WebSocket connections at the \u003ccode\u003e/ws\u003c/code\u003e endpoint and for serving agent topology information at the \u003ccode\u003e/info\u003c/code\u003e endpoint. This absence of authentication means that any client on the network can connect to these endpoints. Attackers could exploit this vulnerability to enumerate registered agents, send arbitrary messages to agents and their associated tool sets, and potentially gain unauthorized control over the PraisonAI system. 
The vulnerability was reported on April 3, 2026, and is addressed in version 4.5.97 of PraisonAI.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a vulnerable PraisonAI Gateway server running a version prior to 4.5.97.\u003c/li\u003e\n\u003cli\u003eThe attacker establishes a WebSocket connection to the \u003ccode\u003e/ws\u003c/code\u003e endpoint of the server without providing any credentials.\u003c/li\u003e\n\u003cli\u003eThe server, lacking authentication, accepts the connection.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a request to the \u003ccode\u003e/info\u003c/code\u003e endpoint to enumerate registered agents and their topology.\u003c/li\u003e\n\u003cli\u003eThe server responds with the agent topology data.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts arbitrary messages and sends them to specific agents through the established WebSocket connection.\u003c/li\u003e\n\u003cli\u003eThe targeted agent receives the message and executes the corresponding actions, potentially including tool usage or data modification.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves unauthorized control over the PraisonAI system by manipulating agents and their tool sets.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability could lead to complete compromise of the PraisonAI system. Attackers can enumerate and control agents, manipulate data, and potentially use the agents\u0026rsquo; tool sets for malicious purposes, such as data theft or system disruption. This could impact organizations relying on PraisonAI for critical functions, leading to financial losses, reputational damage, and operational downtime. 
The severity is critical (CVSS 9.1) due to the ease of exploitation, which needs only network reachability and no credentials, and the potential for widespread damage.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade all PraisonAI Gateway servers to version 4.5.97 or later to patch CVE-2026-34952.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules provided to detect unauthorized connections to the \u003ccode\u003e/ws\u003c/code\u003e and \u003ccode\u003e/info\u003c/code\u003e endpoints.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious WebSocket connections to the PraisonAI Gateway server to detect potential exploitation attempts, and until the upgrade is applied keep the Gateway off networks reachable by untrusted clients.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-03T23:17:06Z","date_published":"2026-04-03T23:17:06Z","id":"/briefs/2026-04-praisonai-auth-bypass/","summary":"PraisonAI Gateway server versions prior to 4.5.97 allow unauthenticated access to WebSocket connections and agent topology, enabling unauthorized message sending and agent enumeration.","title":"PraisonAI Gateway Unauthenticated Access Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-praisonai-auth-bypass/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["nats","websocket","denial-of-service","CVE-2026-27889","server-crash"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA critical vulnerability exists in NATS server versions 2.2.0 through 2.11.13 and 2.12.0 through 2.12.4, enabling unauthenticated remote attackers to trigger a denial-of-service (DoS) condition. The vulnerability stems from a missing sanity check on WebSocket frame lengths, allowing malicious clients to send crafted frames that cause a server panic and crash. This issue impacts deployments that utilize WebSockets and expose the network port to untrusted endpoints. 
The attack requires no authentication or credentials and can be executed with a single TCP connection sending a malicious WebSocket frame. This vulnerability was reported by GitHub users Mistz1 and jiayuqi7813.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker establishes a TCP connection to the NATS server\u0026rsquo;s WebSocket port.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a WebSocket upgrade request to initiate the WebSocket handshake.\u003c/li\u003e\n\u003cli\u003eThe NATS server completes the WebSocket handshake, establishing a WebSocket connection.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a crafted WebSocket frame with a 64-bit extended payload length field where the most significant bit (MSB) is set (e.g., \u003ccode\u003e0x8000000000000001\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe server reads the 8-byte payload length but fails to validate that the MSB is zero, resulting in a negative integer value.\u003c/li\u003e\n\u003cli\u003eThe negative value bypasses the bounds clamp in the \u003ccode\u003ewsRead\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eA slice operation with the negative length triggers a runtime panic due to out-of-bounds access.\u003c/li\u003e\n\u003cli\u003eThe unrecovered panic propagates to the Go runtime, causing the entire NATS server process to terminate, disconnecting all clients.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability results in a complete denial of service, crashing the entire NATS server process. All connected clients, including NATS, WebSocket, MQTT, cluster routes, gateways, and leaf nodes, are immediately disconnected. JetStream in-flight acknowledgments are lost, and Raft consensus is disrupted in clustered deployments. 
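\u003cp\u003eThe length decoding in steps 4 to 7, as an added example in Python rather than the Go code of nats-server: frame_payload_length() decodes the 7-bit, 16-bit and 64-bit length forms of RFC 6455 and rejects a 64-bit length whose most significant bit is set, while the signed_length flag reproduces the failure mode the brief describes, where 0x8000000000000001 read as a signed integer becomes negative and slips under the payload cap. MAX_PAYLOAD and the three frames are constructed for the example.\u003c/p\u003e
```python
import struct

MAX_PAYLOAD = 64 * 1024 * 1024   # assumed per-frame cap, not a nats-server value


def frame_payload_length(header, signed_length=False):
    '''Decode the payload length of a WebSocket frame header (RFC 6455 5.2).

    header is the raw start of the frame: byte 0 carries FIN and opcode,
    byte 1 carries the MASK bit and the 7-bit length, followed by 2 or 8
    bytes of extended length for the 126 and 127 markers.

    Returns the declared length or raises ValueError. With signed_length=True
    the 8-byte field is read as a signed integer and the MSB check is skipped,
    mirroring the bug described in the brief: 0x8000000000000001 turns into a
    large negative number that passes any upper-bound clamp.'''
    if len(header) < 2:
        raise ValueError('short header')
    length = header[1] & 0x7F
    if length == 126:
        if len(header) < 4:
            raise ValueError('short extended length')
        length = struct.unpack('>H', header[2:4])[0]
        if length < 126:
            raise ValueError('non-minimal 16-bit length')
    elif length == 127:
        if len(header) < 10:
            raise ValueError('short extended length')
        fmt = '>q' if signed_length else '>Q'
        length = struct.unpack(fmt, header[2:10])[0]
        if not signed_length:
            if length & (1 << 63):
                raise ValueError('64-bit length with MSB set')   # the missing sanity check
            if length < 65536:
                raise ValueError('non-minimal 64-bit length')
    if not signed_length and length > MAX_PAYLOAD:
        raise ValueError('frame exceeds MAX_PAYLOAD')
    return length


def passes_bounds_clamp(length):
    '''The upper-bound clamp on its own: a negative length slides under it.'''
    return length <= MAX_PAYLOAD


# Constructed client frame: FIN + binary opcode (0x82), MASK bit + 127 marker
# (0xFF), then 0x8000000000000001 as the 64-bit extended length. A real
# client frame would continue with a 4-byte masking key; the parser above
# does not need it to decode the length.
CRAFTED = bytes([0x82, 0xFF]) + bytes.fromhex('8000000000000001')
# Constructed benign client frame: masked, 3-byte payload, zero masking key.
BENIGN = bytes([0x82, 0x83]) + bytes.fromhex('00000000') + b'abc'
# Constructed 16-bit form: 126 marker followed by 0x0100 = 256 bytes.
MEDIUM = bytes([0x82, 0xFE]) + bytes.fromhex('0100')
```
\u003cp\u003eWith signed_length=True the crafted frame decodes to -9223372036854775807 and passes_bounds_clamp() accepts it, which is the state of affairs just before the slice in step 7; with the check in place the same bytes are rejected at the header. The two non-minimal-encoding checks are also required by RFC 6455 and cost nothing, so a parser that already has the MSB check should keep them.\u003c/p\u003e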
The attack is repeatable on every server restart, causing significant disruption to services relying on the NATS server. Any NATS server deployment with a WebSocket listener enabled and reachable by untrusted clients is exposed; deployments that do not enable the WebSocket listener are not affected.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the NATS server to version 2.11.14, 2.12.5, or later to patch CVE-2026-27889.\u003c/li\u003e\n\u003cli\u003eIf upgrading is not immediately feasible, restrict access to the WebSocket port to trusted endpoints as a defense-in-depth measure, as mentioned in the overview, or disable the WebSocket listener where it is not needed.\u003c/li\u003e\n\u003cli\u003eDeploy the accompanying Sigma rule for crafted WebSocket frames to your SIEM and tune it for your environment. Because a single frame is enough and the crash recurs after every restart, also alert on unexpected nats-server process exits and restart loops, which are visible without payload inspection.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-26T12:00:00Z","date_published":"2026-03-26T12:00:00Z","id":"/briefs/2026-03-nats-websocket-dos/","summary":"A vulnerability in NATS server allows a remote, unauthenticated attacker to cause a denial of service by sending a crafted WebSocket frame, leading to a server crash due to missing validation on WebSocket frame length.","title":"NATS Server WebSocket Frame Length Overflow Denial of Service","url":"https://feed.craftedsignal.io/briefs/2026-03-nats-websocket-dos/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["electric-vehicle","charging-station","websocket"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eSWITCH EV\u0026rsquo;s swtchenergy.com charging stations are affected by multiple vulnerabilities that could allow attackers to gain unauthorized access and disrupt services. These vulnerabilities include missing authentication mechanisms, lack of rate limiting on authentication requests, predictable session identifiers, and publicly accessible authentication identifiers. 
Successful exploitation could lead to station impersonation, session hijacking, denial-of-service attacks, and manipulation of backend data. All versions of the swtchenergy.com platform are affected. The vendor did not respond to CISA\u0026rsquo;s request for coordination. The charging stations are deployed worldwide in the energy and transportation sectors.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a charging station ID via public mapping platforms (CVE-2026-27773).\u003c/li\u003e\n\u003cli\u003eAttacker connects to the backend\u0026rsquo;s OCPP WebSocket endpoint, presenting the discovered station ID as the charge point identity (CVE-2026-27767).\u003c/li\u003e\n\u003cli\u003eBecause no authentication is required, the attacker impersonates the charging station.\u003c/li\u003e\n\u003cli\u003eAttacker sends malicious commands to the backend, potentially manipulating charging parameters or data (CVE-2026-27767).\u003c/li\u003e\n\u003cli\u003eAlternatively, the attacker floods the authentication endpoint with requests, causing a denial-of-service condition by overwhelming the backend (CVE-2026-25113).\u003c/li\u003e\n\u003cli\u003eAttacker hijacks a legitimate session by establishing a new connection using the same session identifier (CVE-2026-25778).\u003c/li\u003e\n\u003cli\u003eThe legitimate charging station is disconnected, and the attacker receives backend commands intended for the legitimate station.\u003c/li\u003e\n\u003cli\u003eAttacker manipulates charging station behavior or data, causing disruption or financial loss.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of these vulnerabilities could have significant consequences. Attackers could impersonate charging stations, hijack sessions, suppress or misroute traffic to cause large-scale denial-of-service attacks, and manipulate data sent to the backend. 
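\u003cp\u003eTwo of the monitoring recommendations on this page, run over constructed log lines as an added example (not a rule shipped by the feed): upgrade_floods() flags a source that completes more than a threshold of WebSocket upgrades inside a sliding window, the pattern named in the OpenClaw brief above, and identity_collisions() flags the hijack described here, one station identity reconnecting from a second address while the first session is still recent. The log format, addresses and thresholds are assumptions for the example.\u003c/p\u003e
```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed reverse-proxy access log: timestamp, source address, method,
# path, status, value of the Upgrade request header ('-' when absent).
# The format and every address here are assumptions for the example.
LOG_LINES = [
    '2026-04-28T19:30:00Z 198.51.100.7 GET /ws 101 websocket',
    '2026-04-28T19:30:02Z 198.51.100.7 GET /api/info 200 -',
] + [
    f'2026-04-28T19:30:{i:02d}Z 203.0.113.9 GET /ws 101 websocket'
    for i in range(25)
] + [
    '2026-04-28T19:31:00Z 192.0.2.44 GET /ocpp/CP-0042 101 websocket',
    '2026-04-28T19:31:30Z 203.0.113.9 GET /ocpp/CP-0042 101 websocket',
]


def parse_line(line):
    ts, src, method, path, status, upgrade = line.split()
    return {
        'ts': datetime.fromisoformat(ts.rstrip('Z')),
        'src': src,
        'method': method,
        'path': path,
        'status': int(status),
        'upgrade': upgrade.lower(),
    }


def upgrade_floods(events, threshold=20, window_seconds=60):
    '''Per-source sliding window over completed upgrades (status 101 with an
    Upgrade: websocket header). A source is reported once it exceeds threshold
    upgrades inside window_seconds.'''
    recent = defaultdict(deque)
    flagged = set()
    for ev in sorted(events, key=lambda e: e['ts']):
        if ev['upgrade'] != 'websocket' or ev['status'] != 101:
            continue
        window = recent[ev['src']]
        window.append(ev['ts'])
        while (ev['ts'] - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) > threshold:
            flagged.add(ev['src'])
    return flagged


def identity_collisions(events, prefix='/ocpp/', window_seconds=300):
    '''One identity (the path segment after prefix, here a charge point ID)
    upgraded from a second source address while its previous upgrade from a
    different address is still inside window_seconds: the hijack pattern.'''
    last_seen = {}
    collisions = []
    for ev in sorted(events, key=lambda e: e['ts']):
        if ev['upgrade'] != 'websocket' or not ev['path'].startswith(prefix):
            continue
        identity = ev['path'][len(prefix):].strip('/')
        prev = last_seen.get(identity)
        if prev is not None and prev[0] != ev['src']:
            if (ev['ts'] - prev[1]).total_seconds() <= window_seconds:
                collisions.append((identity, prev[0], ev['src']))
        last_seen[identity] = (ev['src'], ev['ts'])
    return collisions


def run_detections(lines=LOG_LINES):
    events = [parse_line(line) for line in lines]
    return upgrade_floods(events), identity_collisions(events)
```
\u003cp\u003eOn the constructed log, run_detections() reports 203.0.113.9 as a flood source and a collision for CP-0042 between 192.0.2.44 and 203.0.113.9. The collision check only works where the station identity is visible in the handshake, which is exactly the property that makes it guessable here; a backend that moved to per-station credentials would have to key the check on the authenticated identity instead.\u003c/p\u003e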
This could lead to widespread disruption of EV charging services, financial losses for charging station operators and users, and potential damage to the electrical grid. Given the global deployment of these charging stations in the energy and transportation sectors, the impact could be widespread.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor network connections to OCPP WebSocket endpoints for connections without proper authentication to detect potential station impersonation attempts related to CVE-2026-27767.\u003c/li\u003e\n\u003cli\u003eImplement rate limiting on authentication requests to the WebSocket API to mitigate denial-of-service attacks as described in CVE-2026-25113.\u003c/li\u003e\n\u003cli\u003eMonitor for multiple connections using the same session identifier to detect potential session hijacking attempts related to CVE-2026-25778.\u003c/li\u003e\n\u003cli\u003eMonitor for access to swtchenergy.com from unusual or unexpected geolocations.\u003c/li\u003e\n\u003cli\u003eConsult SWITCH EV (swtchenergy.com) for potential mitigations or workarounds, as they did not respond to CISA\u0026rsquo;s request for coordination.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-02-27T12:00:00Z","date_published":"2026-02-27T12:00:00Z","id":"/briefs/2026-02-switch-ev-vulns/","summary":"Multiple vulnerabilities in SWITCH EV swtchenergy.com charging stations could allow attackers to impersonate stations, hijack sessions, cause denial of service, and manipulate backend data due to missing authentication, rate limiting issues, session expiration flaws, and exposed credentials.","title":"Multiple Vulnerabilities in SWITCH EV Charging Stations","url":"https://feed.craftedsignal.io/briefs/2026-02-switch-ev-vulns/"},{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7723"}],"_cs_exploited":false,"_cs_products":["prefect (\u003c= 3.6.13)"],"_cs_severities":["high"],"_cs_tags":["CVE-2026-7723","authentication-bypass","websocket","prefecthq"],"_cs_type":"advisory","_cs_vendors":["PrefectHQ"],"content_html":"\u003cp\u003ePrefectHQ Prefect, a workflow management system, is vulnerable to an authentication bypass vulnerability identified as CVE-2026-7723. The vulnerability exists in versions up to 3.6.13 and stems from a flaw within the \u003ccode\u003e/api/events/in\u003c/code\u003e WebSocket endpoint. A remote attacker can manipulate data sent to this endpoint, leading to a failure in authentication checks. This can allow the attacker to perform unauthorized actions within the Prefect system. The vulnerability was published on 2026-05-04 and a patch is available in version 3.6.14, specifically commit \u003ccode\u003e0d3ab3c2d3f9f98abfafdf7b9f6d4f8ed3925e40\u003c/code\u003e. Defenders should upgrade affected Prefect installations to version 3.6.14 or later to mitigate this risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a PrefectHQ Prefect instance running a vulnerable version (\u0026lt;= 3.6.13) with an exposed \u003ccode\u003e/api/events/in\u003c/code\u003e WebSocket endpoint.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious WebSocket message specifically targeting the \u003ccode\u003e/api/events/in\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the manipulated message to the \u003ccode\u003e/api/events/in\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability, the authentication checks within the WebSocket endpoint fail to properly validate the attacker\u0026rsquo;s identity.\u003c/li\u003e\n\u003cli\u003eThe Prefect system incorrectly processes the attacker\u0026rsquo;s request as authenticated.\u003c/li\u003e\n\u003cli\u003eThe attacker exploits this lack of authentication to execute unauthorized actions within the Prefect system. 
These actions could include modifying workflows, accessing sensitive data, or disrupting operations.\u003c/li\u003e\n\u003cli\u003eThe attacker may further leverage their access to compromise other connected systems or data stores.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7723 allows an unauthenticated remote attacker to bypass authentication mechanisms in PrefectHQ Prefect. This can lead to unauthorized access to sensitive data, modification of workflows, and disruption of critical business processes. The CVSS v3.1 base score is 7.3, indicating a high severity vulnerability. The number of affected organizations depends on the adoption rate of PrefectHQ Prefect, but any organization running a vulnerable version is at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately upgrade PrefectHQ Prefect to version 3.6.14 or later to apply the patch (\u003ccode\u003e0d3ab3c2d3f9f98abfafdf7b9f6d4f8ed3925e40\u003c/code\u003e) that resolves CVE-2026-7723.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious activity targeting the \u003ccode\u003e/api/events/in\u003c/code\u003e endpoint to detect potential exploitation attempts. 
Deploy the Sigma rule \u003ccode\u003eDetect PrefectHQ Auth Bypass Attempt\u003c/code\u003e to identify unusual requests to the vulnerable endpoint.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to limit the potential impact of a successful exploit by restricting access to sensitive resources from the Prefect server.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-30T12:00:00Z","date_published":"2024-01-30T12:00:00Z","id":"/briefs/2024-01-30-prefect-auth-bypass/","summary":"PrefectHQ Prefect versions up to 3.6.13 are vulnerable to an authentication bypass via manipulation of the /api/events/in WebSocket endpoint, potentially allowing remote attackers to execute unauthorized actions.","title":"PrefectHQ Prefect Authentication Bypass Vulnerability (CVE-2026-7723)","url":"https://feed.craftedsignal.io/briefs/2024-01-30-prefect-auth-bypass/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["signalk-server (\u003c= 2.24.0)"],"_cs_severities":["high"],"_cs_tags":["credential-access","brute-force","websocket"],"_cs_type":"advisory","_cs_vendors":["Signal K"],"content_html":"\u003cp\u003eSignal K server versions 2.24.0 and earlier are vulnerable to credential brute-forcing via the WebSocket protocol. The vulnerability stems from the lack of rate limiting on the WebSocket login endpoint (\u003ccode\u003e/signalk/v1/stream\u003c/code\u003e), which allows attackers to bypass the existing HTTP rate limiting mechanism. By establishing a WebSocket connection, an attacker can send an unlimited number of login attempts, effectively bypassing the intended rate limiting defense of 100 attempts per 10 minutes on the HTTP login endpoints. This makes it feasible to conduct dictionary attacks and potentially gain unauthorized access to Signal K servers. 
Signal K servers are commonly deployed on boat networks.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable Signal K server.\u003c/li\u003e\n\u003cli\u003eAttacker establishes a WebSocket connection to \u003ccode\u003ews://server:3000/signalk/v1/stream?subscribe=none\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe server sends a hello message, confirming the connection.\u003c/li\u003e\n\u003cli\u003eAttacker sends a series of login attempts via WebSocket messages using the following JSON format: \u003ccode\u003e{\u0026quot;requestId\u0026quot;: \u0026quot;1\u0026quot;, \u0026quot;login\u0026quot;: {\u0026quot;username\u0026quot;: \u0026quot;admin\u0026quot;, \u0026quot;password\u0026quot;: \u0026quot;guess1\u0026quot;}}\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe server processes each login attempt without rate limiting.\u003c/li\u003e\n\u003cli\u003eAttacker continues sending login attempts using different password guesses.\u003c/li\u003e\n\u003cli\u003eIf successful, the attacker gains unauthorized access to the Signal K server.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows attackers to bypass HTTP rate limiting and brute-force credentials to gain unauthorized access to Signal K servers. An attacker can achieve a brute-forcing speed of approximately 20 attempts per second, limited by the bcrypt hashing algorithm. A dictionary attack with 10,000 words can be completed in approximately 8 minutes over a single connection. 
Since Signal K servers are commonly deployed on boat networks, successful exploitation can lead to unauthorized access to sensitive maritime data.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor network connections to Signal K servers for unusually high rates of WebSocket login attempts. Create a detection rule that triggers when a single IP address sends more than 5 login attempts per second via the WebSocket protocol.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect High Volume SignalK WebSocket Login Attempts\u003c/code\u003e to identify potential brute-force attacks against Signal K servers.\u003c/li\u003e\n\u003cli\u003eUpgrade Signal K servers to a patched version that includes rate limiting on the WebSocket login endpoint.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-03T12:00:00Z","date_published":"2024-01-03T12:00:00Z","id":"/briefs/2024-01-signalk-brute-force/","summary":"The Signal K server's WebSocket login endpoint lacks rate limiting, allowing attackers to bypass HTTP rate limiting by opening a WebSocket connection and attempting unlimited password guesses.","title":"Signal K Server WebSocket Login Brute-Force Vulnerability","url":"https://feed.craftedsignal.io/briefs/2024-01-signalk-brute-force/"}],"language":"en","title":"CraftedSignal Threat Feed — Websocket","version":"https://jsonfeed.org/version/1.1"}