Lucene search
K

4 matches found

OSV
OSV
added 2026/03/25 8:16 p.m.4 views

DEBIAN-CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

6.5CVSS6.1AI score0.00259EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 8:16 p.m.11 views

UBUNTU-CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

8.1CVSS5.8AI score0.00259EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/25 7:43 p.m.5 views

CVE-2026-33217 NATS allows MQTT clients to bypass ACL checks

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

7.1CVSS5.8AI score0.00259EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/25 7:43 p.m.3 views

CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

7.1CVSS5.8AI score0.00259EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder