CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

RedhatCVE•added 2026/05/11 8:26 p.m.•4 views

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS5.8AI score0.00116EPSS

Exploits0References1

NVD•added 2026/05/08 10:16 p.m.•11 views

CVE-2026-42209

6.5CVSS0.00116EPSS

Exploits0References4

Cvelist•added 2026/05/08 9:40 p.m.•28 views

CVE-2026-42209 FlashMQ: Division by zero crash when using non-default deferred retained message setting

6.5CVSS0.00116EPSS

Exploits0References4

EUVD•added 2026/05/08 9:40 p.m.•7 views

EUVD-2026-28838

6.5CVSS5.8AI score0.00116EPSS

Exploits0References4

Vulnrichment•added 2026/05/08 9:40 p.m.•4 views

CVE-2026-42209 FlashMQ: Division by zero crash when using non-default deferred retained message setting

6.5CVSS5.8AI score0.00116EPSS

Exploits0References4

ATTACKERKB•added 2026/05/08 9:40 p.m.•7 views

CVE-2026-42209

6.5CVSS5.8AI score0.00116EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/08 9:40 p.m.•8 views

CVE-2026-42209

Summary: CVE-2026-42209 affects FlashMQ, a MQTT broker/server for multi-CPU environments. Before v1.26.1, a remote client with retained publish permission can trigger a crash of the FlashMQ broker when both set_retained_message_defer_timeout and set_retained_message_defer_timeout_spread are non-d...

6.5CVSS5.8AI score0.00116EPSS

Exploits0References4

CNNVD•added 2026/05/08 12:0 a.m.•2 views

FlashMQ 数字错误漏洞

FlashMQ is a fast and lightweight MQTT proxy server developed by Wiebe Cazemier. Versions of FlashMQ prior to 1.26.1 contained a numerical error vulnerability. This vulnerability could cause the FlashMQ proxy to crash and lead to a denial-of-service attack when the setretainedmessagedefertimeout...

6.5CVSS5.8AI score0.00116EPSS

Exploits0References1

Positive Technologies•added 2026/05/08 12:0 a.m.•6 views

PT-2026-39199

Name of the Vulnerable Software and Affected Versions FlashMQ versions prior to 1.26.1 Description A remote client with retained publish permission can cause a denial of service by crashing the broker. This occurs when both set retained message defer timeout and set retained message defer timeout...

6.5CVSS5.8AI score0.00116EPSS

Exploits0References6

RedhatCVE•added 2025/10/25 8:31 p.m.•1 views

CVE-2025-62723

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon eventual session expiration. Version 1.23.2 fixes the issue...

4.3CVSS6.8AI score0.00056EPSS

Exploits0References1

CNNVD•added 2025/10/25 12:0 a.m.•1 views

FlashMQ 安全漏洞

FlashMQ is a fast and lightweight MQTT proxy server from the individual developer Wiebe Cazemier. A security vulnerability exists in FlashMQ versions prior to 1.23.2 that stems from an authenticated user being able to create sessions and collect QoS messages, potentially resulting in unreleased...

4.3CVSS6.5AI score0.00056EPSS

Exploits0References1

NVD•added 2025/10/24 9:16 p.m.•5 views

CVE-2025-62723

4.3CVSS0.00056EPSS

Exploits0References3

OSV•added 2025/10/24 8:16 p.m.•2 views

CVE-2025-62723 FlashMQ does not release memory of queued QoS messages

4.3CVSS6.8AI score0.00056EPSS

Exploits0References5

Cvelist•added 2025/10/24 8:16 p.m.•12 views

CVE-2025-62723 FlashMQ does not release memory of queued QoS messages

4.3CVSS0.00056EPSS

Exploits0References3

EUVD•added 2025/10/24 8:16 p.m.•1 views

EUVD-2025-35890

4.3CVSS6.2AI score0.00056EPSS

Exploits0References3

CVE•added 2025/10/24 8:16 p.m.•5 views

CVE-2025-62723

FlashMQ is an MQTT broker where, before 1.23.2, any authenticated user can create sessions that collect QoS messages. If not delivered to a client, these messages are not released when the session expires, which can lead to resource exhaustion or unreleased QoS data. The issue is fixed in version...

4.3CVSS6.4AI score0.00056EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2025/10/24 12:0 a.m.•2 views

PT-2025-43673

Name of the Vulnerable Software and Affected Versions FlashMQ versions prior to 1.23.2 Description FlashMQ, a MQTT broker/server designed for multi-CPU environments, has an issue where authenticated users can create sessions that collect Quality of Service QoS messages. These messages are not...

4.3CVSS6.5AI score0.00056EPSS

Exploits0References8

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-54829

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00149EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-54830

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00143EPSS

Exploits1References3

RedhatCVE•added 2025/07/31 12:33 a.m.•3 views

CVE-2024-42644

FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0...

7.5CVSS7.6AI score0.00143EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by