Unauthenticated Remote Attack Risk in Midscene Bridge Server by Web Infra Dev
CVE-2026-59804
Key Information:
- Vendor
Web-infra-dev
- Status
- Vendor
- CVE Published:
- 8 July 2026
Badges
What is CVE-2026-59804?
The Midscene Bridge Server, up to version 1.10.3, is susceptible to a vulnerability that enables unauthenticated remote attackers to hijack active bridge sessions. This exploit works by opening a cross-origin WebSocket connection to the local Socket.IO server, which fails to validate the Origin header and does not require an authentication token. As a result, attackers can connect to a session from any webpage accessed by the victim, potentially allowing them to seize control of the single-client slot, intercept and inject automation commands, exfiltrate command-payload data, or even terminate the server unconditionally.
Affected Version(s)
midscene 0 <= 1.10.3
midscene 86f4118d1d847041c63d79e347e08c87c3f1a882
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
