
14 matches found

NVD
added 2026/05/27 3:16 p.m. | 8 views

CVE-2026-44838

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

CVSS 8.1 | EPSS 0.00033
Exploits: 0 | References: 1

NVD
added 2026/05/18 4:16 p.m. | 10 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

CVSS 7.5 | EPSS 0.00067
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/18 12:00 a.m. | 6 views

CVE-2025-56352

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...

CVSS 7.5 | AI score 5.9 | EPSS 0.00067
Exploits: 0 | References: 2

CNNVD
added 2026/05/18 12:00 a.m. | 7 views

tinyMQTT resource management error vulnerability

tinyMQTT is a pre-sorted tree traversal algorithm library developed by 0x7C9A. There is a resource management vulnerability in tinyMQTT; this vulnerability stems from improper protocol handling during the parsing of CONNECT packets, which may lead to exhaustion of server resources. The following...

CVSS 7.5 | AI score 5.8 | EPSS 0.00067
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-15808

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00433
Exploits: 1 | References: 2

Hacker One
added 2025/04/19 8:20 p.m. | 7 views

curl: Buffer Overflow in curl MQTT Test Server (tests/server/mqttd.c) via Malicious CONNECT Packet

Title: Buffer Overflow in curl MQTT Test Server mqttd.c via Malicious CONNECT Packet. Description: The MQTT test server mqttd.c in the curl project contains a buffer overflow vulnerability due to improper validation of password length fields in MQTT CONNECT packets. An attacker can craft a maliciou...

AI score 8.7
Exploits: 0

ATTACKERKB
added 2024/10/15 9:15 p.m. | 1 view

CVE-2024-44775

kmqtt v0.2.7 is vulnerable to Denial of Service (DoS) due to a Null Pointer Exception. A remote attacker can cause the broker to crash by sending a specially crafted MQTT CONNECT packet that triggers an unhandled null reference, leading to an immediate process termination...

CVSS 7.5 | AI score 6 | EPSS 0.00758
Exploits: 0 | References: 2

Positive Technologies
added 2024/10/11 12:00 a.m. | 3 views

PT-2024-38981

Name of the Vulnerable Software and Affected Versions: Eclipse Mosquitto versions up to 2.0.18a. Description: The issue allows an attacker to cause memory leaking, segmentation fault, or heap-use-after-free by sending specific sequences of packets, including "CONNECT", "DISCONNECT", "SUBSCRIBE",...

CVSS 9.8 | AI score 7 | EPSS 0.17507
Exploits: 3 | References: 44

Debian CVE
added 2023/10/02 7:01 p.m. | 36 views

CVE-2023-3592

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types...

CVSS 7.5 | AI score 7.4 | EPSS 0.00065
Exploits: 0

BDU FSTEC
added 2022/04/05 12:00 a.m. | 1 view

The vulnerability of the Mosquitto messaging broker lies in the improper release of memory before deleting last-level links, allowing attackers to trigger a service failure.

The vulnerability of the Mosquitto messaging broker is related to incorrect processing of the CONNECT packet when there are no will topics, no will messages, and no will flags, nor any will properties. Exploiting this vulnerability allows a remote attacker to cause service failures...

CVSS 6.8 | AI score 6.6 | EPSS 0.0037
Exploits: 0 | References: 6 | Affected Software: 3

OSV
added 2019/06/10 5:29 p.m. | 1 view

CVE-2019-6241

In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker...

CVSS 7.5 | AI score 7.1 | EPSS 0.00433
Exploits: 1 | References: 1

CNVD
added 2018/06/07 12:00 a.m. | 2 views

Eclipse Mosquitto memory leak vulnerability

Eclipse Mosquitto is an open source messaging agent software from the Eclipse Foundation. A memory disclosure vulnerability exists in Eclipse Mosquitto 1.4.15 and earlier versions. An attacker can exploit this vulnerability by sending specially crafted CONNECT packets to cause a denial of servic...

CVSS 7.5 | AI score 7 | EPSS 0.01447
Exploits: 0 | References: 1

Prion
added 2007/10/17 11:17 p.m. | 18 views

Buffer overflow

The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which...

CVSS 6.4 | AI score 6.7 | EPSS 0.06133
Exploits: 0 | References: 12 | Affected Software: 1

NVD
added 1998/04/07 4:00 a.m. | 9 views

CVE-1999-1505

Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet...

CVSS 7.5 | EPSS 0.01226
Exploits: 0 | References: 2