6 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-33217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message...
DEBIAN-CVE-2026-33217
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...
CVE-2026-33217
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...
CVE-2026-33217
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...
CVE-2026-33217 NATS allows MQTT clients to bypass ACL checks
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...
CVE-2026-33217
creationtimestamp| type| source ---|---|--- 2026-03-25 19:16:32+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33217 2026-03-27 03:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhz4tngrvz2k...