Severity by source
AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionGitHub Advisory
Description
DevSpace's UI server WebSocket accepts connections from all origins by default, and therefore several endpoints are exposed via this WebSocket. When a developer runs the DevSpace UI and at the same time uses a browser to access the internet, a malicious website they visit can use their browser to establish a cross-origin WebSocket connection to ws://127.0.0.1:8090. This allows an attacker to access:
/api/logsto stream real-time pod logs/api/enterto open an interactive shell inside the running pod/api/commandto execute pre-defined pipeline commands
Patches
Versions 6.3.21 and above are patched.
Resources
gorilla/websocket CheckOrigin documentation
Installation Options
Devspace is no longer publishing to NPM or Yarn, please continue to use our other installation methods to get updates in the future, including this patch.
Credit
DevSpace thanks @b0b0haha for finding and reporting this vulnerability.
AnalysisAI
Cross-Site WebSocket Hijacking in DevSpace UI Server allows remote attackers to execute commands inside Kubernetes pods when developers visit malicious websites while DevSpace UI is running. The UI server's WebSocket endpoint at localhost:8090 accepts connections from any origin, enabling browser-based exploitation without authentication. DevSpace 6.3.20 and earlier are affected; version 6.3.21 contains the fix. No public exploit code identified at time of analysis, but exploitation technique is well-documented in WebSocket security research. The vulnerability enables attackers to stream pod logs, open interactive shells, and execute pipeline commands through the victim's active DevSpace session.
Technical ContextAI
DevSpace is a Kubernetes development tool written in Go that provides a local UI server for managing development environments. The vulnerability stems from improper implementation of the gorilla/websocket library's CheckOrigin function, which by default returns true for all origins. The WebSocket server listens on localhost:8090 and exposes three critical API endpoints (/api/logs, /api/enter, /api/command) without origin validation. This is a Cross-Site WebSocket Hijacking (CSWSH) attack vector, classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). Modern browsers allow JavaScript on any webpage to initiate WebSocket connections to localhost, and without CheckOrigin validation, the server cannot distinguish legitimate UI connections from attacker-controlled cross-origin requests. The affected package is pkg:go/github.com/loft-sh/devspace, and the fix in version 6.3.21 implements proper origin checking per gorilla/websocket security guidelines.
RemediationAI
Upgrade to DevSpace 6.3.21 or later, which implements proper WebSocket origin validation per the gorilla/websocket CheckOrigin security model. The patch is available through standard DevSpace installation methods documented at https://www.devspace.sh/docs/getting-started/installation - do NOT use deprecated NPM/Yarn packages. If immediate upgrade is not feasible, implement the following compensating controls: (1) Only run DevSpace UI when actively needed, then terminate the process - this minimizes the attack window to seconds rather than hours. (2) Use browser profiles or separate browsers for development work versus general web browsing, ensuring the browser running DevSpace UI never navigates to untrusted sites. (3) Deploy network-level controls to block outbound WebSocket connections from web browsers to localhost:8090, though this may interfere with legitimate UI functionality. (4) Consider firewall rules restricting which processes can bind to port 8090, though this is complex to implement correctly. Note that disabling the UI server entirely eliminates the attack surface but removes DevSpace's visual management capabilities. The primary fix (upgrade to 6.3.21) has no known side effects and is the recommended remediation.
FortiOS and FortiProxy contain an authentication bypass via the Node.js websocket module allowing unauthenticated remote
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for t
Flowise version 3.0.5 contains a remote code execution vulnerability in the CustomMCP node. The mcpServerConfig paramete
Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was inc
An issue was discovered in the node-serialize package 0.0.4 for Node.js. Rated critical severity (CVSS 9.8), this vulner
Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary fi
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rat
The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of se
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30319
GHSA-hqwm-7x7x-8379