484 matches found
ROOT-APP-GOBINARY-CVE-2026-33249 CVE-2026-33249 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33249 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33217 CVE-2026-33217 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33217 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33219 CVE-2026-33219 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33219 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33216 CVE-2026-33216 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33216 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33246 CVE-2026-33246 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33246 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33248 CVE-2026-33248 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33248 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33223 CVE-2026-33223 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33223 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33247 CVE-2026-33247 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33247 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33215 CVE-2026-33215 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33215 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-29785 CVE-2026-29785 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-29785 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33222 CVE-2026-33222 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33222 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-27889 CVE-2026-27889 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-27889 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33218 CVE-2026-33218 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33218 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: cni-plugins, commercial-grafana, nri-nagios-fips, docker-credential-acr-env-fips, prometheus-node-exporter, pvc-autoresizer, stern, nri-rabbitmq-fips, s5cmd, argo-cd-fips, dive, kcp-fips-0.29, smokescreen, rancher-telemetry, podinfo-fips, caddy, calico,...
NATS Server panic via malicious compression on leafnode port
...
NATS has MQTT plaintext password disclosure
...
BIT-NATS-2026-33249 NATS: Message tracing can be redirected to arbitrary subject
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...
SUSE CVE-2026-33215
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server provides an MQTT client interface. Prior to versions 2.11.15 and 2.12.5, Sessions and Messages can by hijacked via MQTT Client ID malfeasance. Versions 2.11.15 and 2.12.5 patch the issu...
BIT-NATS-2026-33247 NATS credentials are exposed in monitoring port via command-line argv
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...
BIT-NATS-2026-33223 NATS Server: Incomplete Stripping of Nats-Request-Info Header Allows Identity Spoofing
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header Nats-Request-Info: is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages was...