Ghostwire

CVE-2026-23538: A vulnerability was identified in the Feast Feature Server's `/ws/chat` endpoint that allows remote attackers to...

HIGH CVSS 7.5 Exploit Available

Published: July 16, 2026 | Last Modified: July 16, 2026

Description

A vulnerability was identified in the Feast Feature Server's `/ws/chat` endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU, and file descriptors—leading to a complete denial of service for legitimate users.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References