Unauthenticated Remote Attack Risk in Midscene Bridge Server by Web Infra Dev
CVE-2026-59804

7.6HIGH

Key Information:

Status
Vendor
CVE Published:
8 July 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-59804?

The Midscene Bridge Server, up to version 1.10.3, is susceptible to a vulnerability that enables unauthenticated remote attackers to hijack active bridge sessions. This exploit works by opening a cross-origin WebSocket connection to the local Socket.IO server, which fails to validate the Origin header and does not require an authentication token. As a result, attackers can connect to a session from any webpage accessed by the victim, potentially allowing them to seize control of the single-client slot, intercept and inject automation commands, exfiltrate command-payload data, or even terminate the server unconditionally.

Affected Version(s)

midscene 0 <= 1.10.3

midscene 86f4118d1d847041c63d79e347e08c87c3f1a882

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

CVSS V4

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

George Chen
.