All CosmicBytez Labs articles tagged #WebSocket, across news, security advisories, how-to guides, and projects.
A critical authorization bypass in Coolify's terminal WebSocket bootstrap routes allows authenticated users to access server terminals for resources outside their team scope.
A critical privilege escalation flaw in Coolify's terminal WebSocket routes lets any low-privileged team member connect to privileged server terminals by bypassing terminal-level authorization checks.
A missing authorization flaw (CVSS 9.6) in Red Hat's Event-Driven Ansible allows any authenticated user to forge WebSocket messages and access plaintext...
Security researchers have identified a newly discovered malicious implant named RoadK1ll that leverages WebSocket connections to silently move from an...
A critical CVSS 9.9 authorization bypass in OpenClaw allows authenticated users to self-declare elevated scopes over WebSocket connections without...