CVE report

CVE-2026-55592medium

Dashy <= 4.3.6 - Reflected XSS via Workspace

Events 7d

564

Distinct IPs

471

Severity

medium

CISA KEV

Not listed

Daily probe volume (last 7 days)

peak: 302
2026-06-24: 3 events06-242026-06-25: 302 events06-252026-06-26: 13 events06-262026-06-27: 21 events06-272026-06-28: 23 events06-282026-06-29: 37 events06-292026-06-30: 150 events06-302026-07-01: 15 events07-01

Downloads & integrations

Top sources probing for CVE-2026-55592

Top networks the attempts come from

Fingerprints of the clients exploiting this

The HTTP (JA4H) and TLS (JA4) fingerprints seen on these attempts. Click one to see the whole population that carries it.

Sample request paths observed

  • /.idea/workspace.xml
  • /workspace/%2eenv
  • /config/workspace%2ejs
  • /workspace/drupal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
  • /%2ejenkins/workspace/
  • /workspace%2ejson

URL patterns we match

An event counts toward CVE-2026-55592 if its URL path contains any of these substrings (case-insensitive).

  • ยท /workspace