Description
A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance.
Problem types
Product status
1.36.1
1.36.2
1.36.3
1.36.4
1.36.5
1.36.6
1.36.7
1.36.8
1.36.9
Timeline
| 2026-07-12: | Advisory disclosed |
| 2026-07-12: | VulDB entry created |
| 2026-07-12: | VulDB entry last update |
Credits
Dem0000000 (VulDB User)
VulDB CNA Team
References
vuldb.com/vuln/377892 (VDB-377892 | will-moss Isaiah Websocket Connection Authentication main.go improper authentication)
vuldb.com/vuln/377892/cti (VDB-377892 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15542 (CVE-2026-15542 | CVE Analysis and Report)
vuldb.com/submit/855075 (Submit #855075 | will-moss Isaiah 1.36.9 CWE-287 Improper Authentication)
github.com/will-moss/isaiah/issues/33
github.com/will-moss/isaiah/pull/36
github.com/will-moss/isaiah/