Improper Authentication Vulnerability in will-moss Isaiah Websocket Connection
CVE-2026-15542

6.9MEDIUM

Key Information:

Vendor

Will-moss

Status
Vendor
CVE Published:
13 July 2026

What is CVE-2026-15542?

A vulnerability exists in the will-moss Isaiah product that affects its websocket connection authentication mechanism. The issue occurs in the main.go file, enabling an attacker to exploit improper authentication remotely. This vulnerability can allow unauthorized access, raising security concerns for systems reliant on this functionality. A pull request aimed at rectifying this flaw is currently pending acceptance.

Affected Version(s)

Isaiah 1.36.0

Isaiah 1.36.1

Isaiah 1.36.2

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Dem0000000 (VulDB User)
VulDB CNA Team
.