Ctrl + K
/ news / CVE
CVEPublished 2026-06-02Modified 2026-06-040 articles on news5 live referencesNVD data

CVE-2026-10650

Vulnerability data via NVD (ingested)

CVSS v3.1
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS percentile
17
Exploit Prediction Scoring System · top 83% of all CVEs
Weaknesses (CWE)
CWE-400Uncontrolled Resource ConsumptionCWE-404Improper Resource Shutdown or Release
Description

A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption. The attack may be launched remotely. The exploit has been published and may be used. This patch is called 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498. A patch should be applied to remediate this issue.

Timeline
Published 2026-06-02
Modified 2026-06-04

External references

NVDMITREExploit-DBSploitusVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-10650
Hosts Shodan has explicitly fingerprinted as vulnerable.
More intel sources (5)
Shodan report
vuln:CVE-2026-10650
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-10650
Censys host search filtered to this CVE id.
grep.app
CVE-2026-10650
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-10650
GitHub code search for direct mentions.
Google dork
"CVE-2026-10650" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (8)

CVE-2026-106508 repos
FIRST-Tech-Challenge/FtcRobotControllerJava
FTC Android Studio Workspace for robot programming in Android Studio
★ 1,231·updated 4mo ago
CoreControlLib/CoreControlQuickstartJava
The quickstart repository for programming an FTC robot with the CoreControl library. Currently supporting code for seasons up to Decode 2025-2026
★ 24·updated 3mo ago
WoEN239/Decode33333Java
FTC 2025-2026 DECODE 33333 WoEN: EDGE
★ 6·updated 3mo ago
Murray-Bridge-Bunyips/BunyipsFTCJava
2026 FIRST Tech Challenge Robotics | FTC 15215, 22407, 24736
★ 5·updated 3d ago
FGC-Team-Brazil/FGCLibJava
★ 5·updated 3d ago
trc492/FtcTemplateJava
★ 4·updated 5mo ago
MidKnightMadness/MidknightMadnessDecode25-26Java
FTC Android Studio Workspace for robot programming in Android Studio
★ 4·updated 1mo ago
wongnkazuma/FtcRobotController-master-TeamCodeJava
this is the main FTC code for the robot controll. everyone create a clode of this of you pc, than you can edit stuff and add stuff, you can reqest to push and i wil accept and it w…
★ 4·updated 4mo ago
We haven't classified any articles referencing CVE-2026-10650 yet. The external references above still apply.