VulnerableCode Vulnerability Details - VCID-a5uy-wfv9-gbbd

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-a5uy-wfv9-gbbd

Essentials
Severities (10)
References (9)
Severity details (7)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-a5uy-wfv9-gbbd
Aliases	CVE-2016-10518 GHSA-2mhh-w6q8-5hxw
Summary	Remote Memory Disclosure in ws
Status	Published
Exploitability	0.5
Weighted Severity	2.7
Risk	1.4
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-201	Insertion of Sensitive Information Into Sent Data
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00345	https://api.first.org/data/v1/epss?cve=CVE-2016-10518
epss	0.00345	https://api.first.org/data/v1/epss?cve=CVE-2016-10518
epss	0.00345	https://api.first.org/data/v1/epss?cve=CVE-2016-10518
generic_textual	LOW	https://gist.github.com/c0nrad/e92005446c480707a74a
cvssv3.1_qr	LOW	https://github.com/advisories/GHSA-2mhh-w6q8-5hxw
generic_textual	LOW	https://github.com/advisories/GHSA-2mhh-w6q8-5hxw
generic_textual	LOW	https://github.com/websockets/ws/commit/29293ed11b679e0366fa0f6bb9310b330dafd795
generic_textual	LOW	https://github.com/websockets/ws/releases/tag/1.0.1
generic_textual	LOW	https://nvd.nist.gov/vuln/detail/CVE-2016-10518
generic_textual	LOW	https://www.npmjs.com/advisories/67

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2016-10518
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10518
		https://gist.github.com/c0nrad/e92005446c480707a74a
		https://github.com/websockets/ws/commit/29293ed11b679e0366fa0f6bb9310b330dafd795
		https://github.com/websockets/ws/releases/tag/1.0.1
		https://nodesecurity.io/advisories/67
		https://www.npmjs.com/advisories/67
CVE-2016-10518		https://nvd.nist.gov/vuln/detail/CVE-2016-10518
GHSA-2mhh-w6q8-5hxw		https://github.com/advisories/GHSA-2mhh-w6q8-5hxw

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.57429
EPSS Score	0.00345
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T20:25:04.996712+00:00	GHSA Importer	Import	https://github.com/advisories/GHSA-2mhh-w6q8-5hxw	38.6.0