CVE-2025-11677 | warmcat libwebsockets up to 4.3.6/4.4.2 lws_handshake_server use after free

October 20, 2025 Yanac

A vulnerability classified as critical was found in warmcat libwebsockets up to 4.3.6/4.4.2. Affected is the function lws_handshake_server. Such manipulation leads to use after free.

This vulnerability is uniquely identified as CVE-2025-11677. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-61454 | Bhabishya-123 E-commerce 1.0 Search Endpoint cross site scripting
CVE-2025-11678 | warmcat libwebsocket up to 4.3.6/4.4.2 lws_adns_parse_label stack-based overflow