CVE report
CVE-2026-55592medium
Dashy <= 4.3.6 - Reflected XSS via Workspace
Events 7d
564
Distinct IPs
471
Severity
medium
CISA KEV
Not listed
Daily probe volume (last 7 days)
peak: 302Downloads & integrations
Top sources probing for CVE-2026-55592
- 83.168.106.266 eventsPolandยท SkyPass Solutions Sp. z.o.o.
- 110.35.80.1165 eventsIndonesiaยท PT. NAP Info Lintas Nusa
- 101.47.8.1874 eventsSingaporeยท Byteplus Pte. Ltd.
- 47.253.5.1304 eventsUnited Statesยท Alibaba (US) Technology Co., Ltd.
- 31.132.90.33 eventsKazakhstanยท Kar-Tel LLC
- 185.177.72.383 eventsFranceยท Bucklog SARL
- 13.140.137.1893 eventsFrance
- 212.127.90.2013 eventsPolandยท Korbank S. A.
- 185.177.72.2053 eventsFranceยท Bucklog SARL
- 81.226.129.673 eventsSwedenยท Telia Company AB
- 212.127.91.323 eventsPolandยท Korbank S. A.
- 77.83.246.973 eventsPolandยท Global Connectivity Solutions Llp
- 172.185.40.473 eventsUnited Statesยท Microsoft Corporation
- 34.130.84.912 eventsCanada
- 34.50.103.2512 eventsIndonesia
- 8.231.91.502 eventsIndia
- 34.24.16.992 eventsUnited States
- 34.16.77.982 eventsUnited States
- 8.231.93.2152 eventsIndia
- 34.125.126.1582 eventsUnited States
- 34.125.198.2012 eventsUnited States
- 136.107.116.1822 eventsUnited States
- 34.23.194.1632 eventsUnited States
- 34.19.194.412 eventsCanada
- 34.77.80.792 eventsBelgium
- 136.114.97.1232 eventsUnited States
- 35.189.40.1252 eventsAustralia
- 8.231.110.572 eventsIndia
- 136.119.226.752 eventsUnited States
- 115.191.32.572 eventsChinaยท Beijing Volcano Engine Technology Co., Ltd.
Top networks the attempts come from
- AS396982 Google LLC396 IPs ยท 448 ev
- AS211590 Bucklog SARL6 IPs ยท 11 ev
- AS45102 Alibaba (US) Technology Co., Ltd.7 IPs ยท 10 ev
- AS51167 Contabo GmbH3 IPs ยท 6 ev
- AS35179 Korbank S. A.2 IPs ยท 6 ev
- AS202520 SkyPass Solutions Sp. z.o.o.1 IPs ยท 6 ev
- AS150436 Byteplus Pte. Ltd.2 IPs ยท 5 ev
- AS9808 China Mobile Communications Group Co., Ltd.5 IPs ยท 5 ev
- AS17727 PT. NAP Info Lintas Nusa1 IPs ยท 5 ev
- AS137718 Beijing Volcano Engine Technology Co., Ltd.3 IPs ยท 4 ev
Fingerprints of the clients exploiting this
The HTTP (JA4H) and TLS (JA4) fingerprints seen on these attempts. Click one to see the whole population that carries it.
Sample request paths observed
- /.idea/workspace.xml
- /workspace/%2eenv
- /config/workspace%2ejs
- /workspace/drupal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
- /%2ejenkins/workspace/
- /workspace%2ejson
URL patterns we match
An event counts toward CVE-2026-55592 if its URL path contains any of these substrings (case-insensitive).
- ยท /workspace