CVE-2025-66902 - Pithikos Websocket Server

January 20, 2026

Critical 7.5

An input validation issue in in Pithikos websocket-server v.0.6.4 allows a remote attacker to obtain sensitive information or cause unexpected server behavior via the websocket_server/websocket_server.py, WebSocketServer._message_received components.