UBUNTU-CVE-2026-6986

A security vulnerability has been detected in Cesanta Mongoose up to 7...

UBUNTU-CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts...

UBUNTU-CVE-2026-6985

A weakness has been identified in Cesanta Mongoose up to 7.20. This vu...

UBUNTU-CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affecte...

UBUNTU-CVE-2026-5244

A vulnerability has been found in Cesanta Mongoose up to 7.20. This af...

CVE-2025-65502

Null pointer dereference in addcacerts in Cesanta Mongoose before...

Linux Distros Unpatched Vulnerability : CVE-2021-26529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mgtlsinit function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 compiled with mbedTLS support is vulnerable to remote OOB write attack via connection...

Linux Distros Unpatched Vulnerability : CVE-2021-26528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mghttpservefile function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool...

Linux Distros Unpatched Vulnerability : CVE-2025-65502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Null pointer dereference in addcacerts in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where...

Linux Distros Unpatched Vulnerability : CVE-2021-26530

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mgtlsinit function in Cesanta Mongoose HTTPS server 7.0 compiled with OpenSSL support is vulnerable to remote OOB write attack via connection request after...

Linux Distros Unpatched Vulnerability : CVE-2023-2905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to a failure in validating the length of a provided MQTTCMDPUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server,...

Linux Distros Unpatched Vulnerability : CVE-2026-6986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the...

Linux Distros Unpatched Vulnerability : CVE-2026-6985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handleopt of the file /src/netbuiltin.c of the component...

Linux Distros Unpatched Vulnerability : CVE-2026-5246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384...

Linux Distros Unpatched Vulnerability : CVE-2020-25756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability exists in the mggethttpheader function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can...

Linux Distros Unpatched Vulnerability : CVE-2026-5244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mgtlsrecvcert of the file mongoose.c of the component TLS 1.3 Handler...

JLSEC-2026-367 A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the...

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/netbuiltin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiate...

JLSEC-2026-371 A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function...

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

JLSEC-2026-366 A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the...

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

JLSEC-2026-370 A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function...

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...