CVE-2025-66902

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

20/01/2026

Last modified:

20/01/2026

Description

An input validation issue in in Pithikos websocket-server v.0.6.4 allows a remote attacker to obtain sensitive information or cause unexpected server behavior via the websocket_server/websocket_server.py, WebSocketServer._message_received components.

Impact

References to Advisories, Solutions, and Tools

https://github.com/cyberinvest211/websocket-server-vuln-poc/tree/main