Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-13132

Summary
Assigner-GV
Assigner Org ID-0df08a0e-a200-4957-9bb0-084f562506f9
Published At-02 Jul, 2026 | 02:17
Updated At-02 Jul, 2026 | 12:31
Rejected At-
Credits

GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### setStream command index-out-of-bound

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GV
Assigner Org ID:0df08a0e-a200-4957-9bb0-084f562506f9
Published At:02 Jul, 2026 | 02:17
Updated At:02 Jul, 2026 | 12:31
Rejected At:
â–¼CVE Numbering Authority (CNA)
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### setStream command index-out-of-bound

Affected Products
Vendor
GeoVision Inc.
Product
GeoWebPlayer
Package Name
GeoWebPlayer
Platforms
  • Windows
  • 64 bit
Default Status
unaffected
Versions
Affected
  • V1.1.1.0
Unaffected
  • V1.1.3.0
Problem Types
TypeCWE IDDescription
CWECWE-129CWE-129 Improper validation of array index
Type: CWE
CWE ID: CWE-129
Description: CWE-129 Improper validation of array index
Metrics
VersionBase scoreBase severityVector
3.18.3HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-540CAPEC-540 Overread Buffers
CAPEC ID: CAPEC-540
Description: CAPEC-540 Overread Buffers
Solutions

The vulnerability has been patched with GeoWebPlayer V1.1.3.0

Configurations

Workarounds

Exploits

Credits

finder
Philippe Laulheret of Cisco Talos
remediation reviewer
Kelly Patterson of Cisco Talos
coordinator
Robert Sherwin of Cisco Talos
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.geovision.com.tw/cyber_security.php
vendor-advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2026-2373
third-party-advisory
Hyperlink: https://www.geovision.com.tw/cyber_security.php
Resource:
vendor-advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2026-2373
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:0df08a0e-a200-4957-9bb0-084f562506f9
Published At:02 Jul, 2026 | 04:17
Updated At:02 Jul, 2026 | 16:51

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### setStream command index-out-of-bound

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.3HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 8.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-129Secondary0df08a0e-a200-4957-9bb0-084f562506f9
CWE ID: CWE-129
Type: Secondary
Source: 0df08a0e-a200-4957-9bb0-084f562506f9
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2026-23730df08a0e-a200-4957-9bb0-084f562506f9
N/A
https://www.geovision.com.tw/cyber_security.php0df08a0e-a200-4957-9bb0-084f562506f9
N/A
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2026-2373
Source: 0df08a0e-a200-4957-9bb0-084f562506f9
Resource: N/A
Hyperlink: https://www.geovision.com.tw/cyber_security.php
Source: 0df08a0e-a200-4957-9bb0-084f562506f9
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

16Records found

CVE-2026-57269
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.24% / 14.97%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:20
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### disconnect command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57272
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.25% / 15.87%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:22
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### byPass command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57266
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:19
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### 2wayAudio command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57267
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.22% / 12.40%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:19
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### snapshot command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57264
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:18
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### setPIP command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57271
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.24% / 14.31%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:21
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. #### pause command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57270
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.22% / 12.40%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:21
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### play command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57268
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.40%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:20
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. ### saveVideo command index-out-of-bound When sending the `saveVideo` command, the `index` field is extracted from the websocket message [1]. Then without checking the range of the index, it is used to trigger a CriticalSection ([2]) and releases it [3]. The release function call ([3]) is executed using a function pointer which will be read out of bounds potentially leading to code execution: v6 = get_entry(a2, "index"); result = json_is_value_int(v6); if ( (_BYTE)result ) { v8 = get_entry(a2, "index"); index = json_value_to_int(&v8->value); // [1] result = CCriticalSection::EnterCritSection(&this->crit_sections[index]); //[2] if ( result ) { if ( this->array_of_IPCams[index] ) { if ( this->array_of_IPCams[index]->field_20 ) do_PostMessageA((CViewer *)this->array_of_IPCams[index], 0x111u, 0x139Fu, v11); } return (*(int (__thiscall **)(CCriticalSection *))(this->crit_sections[index].vtbl + 20))(&this->crit_sections[index]); //[3] } }

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-13131
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:14
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### connectInfo command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57265
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-10
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:18
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound. #### audio command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57277
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.28% / 19.84%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:25
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo` is meant to provide the necessary details to connect to a camera. The handler associated with this command that we call`handle_connection_info` contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits. #### Buffer Overflow in key field

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57278
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.28% / 19.84%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:26
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo` is meant to provide the necessary details to connect to a camera. The handler associated with this command that we call`handle_connection_info` contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits. #### Buffer Overflow in ip field

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57276
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:25
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo` is meant to provide the necessary details to connect to a camera. The handler associated with this command that we call`handle_connection_info` contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits. #### Buffer Overflow in password field (key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57274
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:24
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo` is meant to provide the necessary details to connect to a camera. The handler associated with this command that we call`handle_connection_info` contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits. #### Buffer Overflow in password field (no key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57275
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:24
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo` is meant to provide the necessary details to connect to a camera. The handler associated with this command that we call`handle_connection_info` contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits. #### Buffer Overflow in username field (key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57273
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
ShareView Details
Matching Score-8
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:23
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo` is meant to provide the necessary details to connect to a camera. The handler associated with this command that we call`handle_connection_info` contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits. #### Buffer Overflow in username field (no key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Details not found