Origin Validation Flaw in WebSockets Affects PcVue by PcVue Technologies
CVE-2026-1692
5.3MEDIUM
What is CVE-2026-1692?
The WebSockets vulnerability in PcVue's GraphicalData services has been identified, specifically impacting versions 12.0.0 through 16.3.3. This flaw arises from missing origin validation, which may allow a remote attacker to redirect a successfully authenticated user to a malicious site. The vulnerability primarily affects the endpoints GraphicalData/js/signalR/connect and GraphicalData/js/signalR/reconnect. Admins are advised to implement necessary mitigations to secure their systems against potential exploits.
Affected Version(s)
PcVue 16.0.0 <= 16.3.3
PcVue 15.0.0 <= 15.2.13
PcVue 12.0.0
