Search

Find a vulnerability

Search criteria

    4 vulnerabilities by will-moss

    CVE-2026-15542 (GCVE-0-2026-15542)

    Vulnerability from nvd – Published: 2026-07-13 07:00 – Updated: 2026-07-13 07:00
    VLAI
    Title
    will-moss Isaiah Websocket Connection Authentication main.go improper authentication
    Summary
    A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance.
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    will-moss Isaiah Affected: 1.36.0
    Affected: 1.36.1
    Affected: 1.36.2
    Affected: 1.36.3
    Affected: 1.36.4
    Affected: 1.36.5
    Affected: 1.36.6
    Affected: 1.36.7
    Affected: 1.36.8
    Affected: 1.36.9
        cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Dem0000000 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Websocket Connection Authentication"
              ],
              "product": "Isaiah",
              "vendor": "will-moss",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.36.0"
                },
                {
                  "status": "affected",
                  "version": "1.36.1"
                },
                {
                  "status": "affected",
                  "version": "1.36.2"
                },
                {
                  "status": "affected",
                  "version": "1.36.3"
                },
                {
                  "status": "affected",
                  "version": "1.36.4"
                },
                {
                  "status": "affected",
                  "version": "1.36.5"
                },
                {
                  "status": "affected",
                  "version": "1.36.6"
                },
                {
                  "status": "affected",
                  "version": "1.36.7"
                },
                {
                  "status": "affected",
                  "version": "1.36.8"
                },
                {
                  "status": "affected",
                  "version": "1.36.9"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Dem0000000 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-13T07:00:09.998Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377892 | will-moss Isaiah Websocket Connection Authentication main.go improper authentication",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/377892"
            },
            {
              "name": "VDB-377892 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377892/cti"
            },
            {
              "name": "CVE-2026-15542 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15542"
            },
            {
              "name": "Submit #855075 | will-moss Isaiah 1.36.9 CWE-287 Improper Authentication",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/855075"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/will-moss/isaiah/issues/33"
            },
            {
              "tags": [
                "issue-tracking",
                "patch"
              ],
              "url": "https://github.com/will-moss/isaiah/pull/36"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/will-moss/isaiah/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-12T20:18:56.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "will-moss Isaiah Websocket Connection Authentication main.go improper authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15542",
        "datePublished": "2026-07-13T07:00:09.998Z",
        "dateReserved": "2026-07-12T18:13:53.748Z",
        "dateUpdated": "2026-07-13T07:00:09.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15541 (GCVE-0-2026-15541)

    Vulnerability from nvd – Published: 2026-07-13 06:45 – Updated: 2026-07-13 06:45
    VLAI
    Title
    will-moss Isaiah Master Websocket server.go Server.Handle authorization
    Summary
    A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch the attack remotely. The pull request to fix this issue awaits acceptance.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    will-moss Isaiah Affected: 1.36.0
    Affected: 1.36.1
    Affected: 1.36.2
    Affected: 1.36.3
    Affected: 1.36.4
    Affected: 1.36.5
    Affected: 1.36.6
    Affected: 1.36.7
    Affected: 1.36.8
    Affected: 1.36.9
        cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Dem0000000 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Master Websocket Handler"
              ],
              "product": "Isaiah",
              "vendor": "will-moss",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.36.0"
                },
                {
                  "status": "affected",
                  "version": "1.36.1"
                },
                {
                  "status": "affected",
                  "version": "1.36.2"
                },
                {
                  "status": "affected",
                  "version": "1.36.3"
                },
                {
                  "status": "affected",
                  "version": "1.36.4"
                },
                {
                  "status": "affected",
                  "version": "1.36.5"
                },
                {
                  "status": "affected",
                  "version": "1.36.6"
                },
                {
                  "status": "affected",
                  "version": "1.36.7"
                },
                {
                  "status": "affected",
                  "version": "1.36.8"
                },
                {
                  "status": "affected",
                  "version": "1.36.9"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Dem0000000 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch the attack remotely. The pull request to fix this issue awaits acceptance."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-13T06:45:10.052Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377891 | will-moss Isaiah Master Websocket server.go Server.Handle authorization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377891"
            },
            {
              "name": "VDB-377891 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377891/cti"
            },
            {
              "name": "CVE-2026-15541 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15541"
            },
            {
              "name": "Submit #855074 | will-moss Isaiah 1.36.9 CWE-862 Missing Authorization",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/855074"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/will-moss/isaiah/issues/34"
            },
            {
              "tags": [
                "issue-tracking",
                "patch"
              ],
              "url": "https://github.com/will-moss/isaiah/pull/35"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/will-moss/isaiah/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-12T20:17:31.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "will-moss Isaiah Master Websocket server.go Server.Handle authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15541",
        "datePublished": "2026-07-13T06:45:10.052Z",
        "dateReserved": "2026-07-12T18:12:28.084Z",
        "dateUpdated": "2026-07-13T06:45:10.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15542 (GCVE-0-2026-15542)

    Vulnerability from cvelistv5 – Published: 2026-07-13 07:00 – Updated: 2026-07-13 07:00
    VLAI
    Title
    will-moss Isaiah Websocket Connection Authentication main.go improper authentication
    Summary
    A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance.
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    will-moss Isaiah Affected: 1.36.0
    Affected: 1.36.1
    Affected: 1.36.2
    Affected: 1.36.3
    Affected: 1.36.4
    Affected: 1.36.5
    Affected: 1.36.6
    Affected: 1.36.7
    Affected: 1.36.8
    Affected: 1.36.9
        cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Dem0000000 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Websocket Connection Authentication"
              ],
              "product": "Isaiah",
              "vendor": "will-moss",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.36.0"
                },
                {
                  "status": "affected",
                  "version": "1.36.1"
                },
                {
                  "status": "affected",
                  "version": "1.36.2"
                },
                {
                  "status": "affected",
                  "version": "1.36.3"
                },
                {
                  "status": "affected",
                  "version": "1.36.4"
                },
                {
                  "status": "affected",
                  "version": "1.36.5"
                },
                {
                  "status": "affected",
                  "version": "1.36.6"
                },
                {
                  "status": "affected",
                  "version": "1.36.7"
                },
                {
                  "status": "affected",
                  "version": "1.36.8"
                },
                {
                  "status": "affected",
                  "version": "1.36.9"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Dem0000000 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-13T07:00:09.998Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377892 | will-moss Isaiah Websocket Connection Authentication main.go improper authentication",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/377892"
            },
            {
              "name": "VDB-377892 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377892/cti"
            },
            {
              "name": "CVE-2026-15542 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15542"
            },
            {
              "name": "Submit #855075 | will-moss Isaiah 1.36.9 CWE-287 Improper Authentication",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/855075"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/will-moss/isaiah/issues/33"
            },
            {
              "tags": [
                "issue-tracking",
                "patch"
              ],
              "url": "https://github.com/will-moss/isaiah/pull/36"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/will-moss/isaiah/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-12T20:18:56.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "will-moss Isaiah Websocket Connection Authentication main.go improper authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15542",
        "datePublished": "2026-07-13T07:00:09.998Z",
        "dateReserved": "2026-07-12T18:13:53.748Z",
        "dateUpdated": "2026-07-13T07:00:09.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15541 (GCVE-0-2026-15541)

    Vulnerability from cvelistv5 – Published: 2026-07-13 06:45 – Updated: 2026-07-13 06:45
    VLAI
    Title
    will-moss Isaiah Master Websocket server.go Server.Handle authorization
    Summary
    A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch the attack remotely. The pull request to fix this issue awaits acceptance.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    will-moss Isaiah Affected: 1.36.0
    Affected: 1.36.1
    Affected: 1.36.2
    Affected: 1.36.3
    Affected: 1.36.4
    Affected: 1.36.5
    Affected: 1.36.6
    Affected: 1.36.7
    Affected: 1.36.8
    Affected: 1.36.9
        cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Dem0000000 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:will-moss:isaiah:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Master Websocket Handler"
              ],
              "product": "Isaiah",
              "vendor": "will-moss",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.36.0"
                },
                {
                  "status": "affected",
                  "version": "1.36.1"
                },
                {
                  "status": "affected",
                  "version": "1.36.2"
                },
                {
                  "status": "affected",
                  "version": "1.36.3"
                },
                {
                  "status": "affected",
                  "version": "1.36.4"
                },
                {
                  "status": "affected",
                  "version": "1.36.5"
                },
                {
                  "status": "affected",
                  "version": "1.36.6"
                },
                {
                  "status": "affected",
                  "version": "1.36.7"
                },
                {
                  "status": "affected",
                  "version": "1.36.8"
                },
                {
                  "status": "affected",
                  "version": "1.36.9"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Dem0000000 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch the attack remotely. The pull request to fix this issue awaits acceptance."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-13T06:45:10.052Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-377891 | will-moss Isaiah Master Websocket server.go Server.Handle authorization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/377891"
            },
            {
              "name": "VDB-377891 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/377891/cti"
            },
            {
              "name": "CVE-2026-15541 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-15541"
            },
            {
              "name": "Submit #855074 | will-moss Isaiah 1.36.9 CWE-862 Missing Authorization",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/855074"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/will-moss/isaiah/issues/34"
            },
            {
              "tags": [
                "issue-tracking",
                "patch"
              ],
              "url": "https://github.com/will-moss/isaiah/pull/35"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/will-moss/isaiah/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-07-12T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-07-12T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-07-12T20:17:31.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "will-moss Isaiah Master Websocket server.go Server.Handle authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-15541",
        "datePublished": "2026-07-13T06:45:10.052Z",
        "dateReserved": "2026-07-12T18:12:28.084Z",
        "dateUpdated": "2026-07-13T06:45:10.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }