CVE-2025-68930 | Traccar up to 6.11.1 Websocket Connection /api/socket missing origin validation in websockets (GHSA-69×6-wcx2-vghp)

Inserito da Angelo Barbosa | Feb 24, 2026 | CVE

A vulnerability classified as critical has been found in Traccar up to 6.11.1. This affects an unknown part of the file /api/socket of the component Websocket Connection Handler. This manipulation causes missing origin validation in websockets.

This vulnerability is tracked as CVE-2025-68930. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-68930 | Traccar up to 6.11.1 Websocket Connection /api/socket missing origin validation in websockets (GHSA-69×6-wcx2-vghp)

Post correlati

CVE-2025-37090 | HPE StoreOnce Software up to 4.3.10 server-side request forgery

CVE-2024-9446 | WP Simple Anchors Links Plugin up to 1.0.0 on WordPress Shortcode wpanchor cross site scripting

CVE-2025-8420 | Request a Quote Form Plugin up to 2.5.2 on WordPress emd_form_builder_lite_pagenum Remote Code Execution

CVE-2024-29318 | Volmarg Personal Management System 1.4.64 SVG File cross site scripting