Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable WebSocket auth bypass requires no privileges or interaction; limited C/I/A impact consistent with Docker UI access, scope unchanged per 4.0 SC:N.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance.
AnalysisAI
Improper WebSocket authentication in will-moss Isaiah up to version 1.36.9 permits unauthenticated remote attackers to establish authenticated WebSocket sessions against the Docker management interface. The flaw resides in app/main.go within the WebSocket Connection Authentication component, where authentication controls can be bypassed, granting access to Docker management functionality without valid credentials. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The attacker must have network-level reachability to the TCP port on which Isaiah is listening (no special network position beyond connectivity is required given AV:N/AC:L). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L) scores 6.9, reflecting a straightforward, unauthenticated network-reachable attack with no complexity or prior privilege required, but with only limited confidentiality, integrity, and availability impact to the vulnerable system and no rated subsequent-system impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with network access to the Isaiah web interface sends a WebSocket upgrade request to the management endpoint without supplying valid credentials. The server's authentication handler in app/main.go fails to reject the unauthenticated connection, granting the attacker a live WebSocket session with full Docker management capability - enabling them to enumerate, start, stop, or reconfigure containers. … |
| Remediation | No released patched version has been independently confirmed at time of analysis; the upstream fix exists as a pending pull request at https://github.com/will-moss/isaiah/pull/36 which has not yet been merged or tagged as a release. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43299
GHSA-9cxj-6mj4-pxvp