Lucene search
+L

28 matches found

nvd
nvd
added 2026/07/08 8:16 p.m.6 views

CVE-2026-58210

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an unauthenticated MQTT client could cause the server to retain large incomplete MQTT CONNECT packets before authentication completed, consuming server memory while the...

7.5CVSS0.00732EPSS
Exploits0References5
cvelist
cvelist
added 2026/07/08 8:13 p.m.36 views

CVE-2026-58210 NATS Server: MQTT partial CONNECT packets can exhaust pre-auth memory

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an unauthenticated MQTT client could cause the server to retain large incomplete MQTT CONNECT packets before authentication completed, consuming server memory while the...

7.5CVSS0.00732EPSS
Exploits0References5
osv
osv
added 2026/07/08 8:13 p.m.5 views

CVE-2026-58210 NATS Server: MQTT partial CONNECT packets can exhaust pre-auth memory

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an unauthenticated MQTT client could cause the server to retain large incomplete MQTT CONNECT packets before authentication completed, consuming server memory while the...

7.5CVSS6.1AI score0.00732EPSS
Exploits0References7
cve
cve
added 2026/07/08 8:13 p.m.11 views

CVE-2026-58210

CVE-2026-58210 affects NATS Server prior to versions 2.14.3 and 2.12.12. An unauthenticated MQTT client could cause the server to retain large incomplete MQTT CONNECT packets before authentication completes, exhausting memory due to the parser waiting for the advertised MQTT packet length. The is...

7.5CVSS6AI score0.00732EPSS
Exploits0References5Affected Software1
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.6 views

PT-2026-56560

Name of the Vulnerable Software and Affected Versions NATS Server versions prior to 2.14.3 NATS Server versions prior to 2.12.12 Description An unauthenticated MQTT client can cause the server to consume excessive memory by sending large incomplete MQTT CONNECT packets. The server retains these...

7.5CVSS5.9AI score0.00732EPSS
Exploits0References11
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-16659

Malware in sbrugna...

7.5CVSS7.4AI score0.02191EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-44242

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00675EPSS
Exploits0References3
nessus
nessus
added 2025/08/25 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2017-7654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT...

7.5CVSS7.1AI score0.02191EPSS
Exploits0References2
redhat
redhat
added 2024/11/05 5:49 p.m.4 views

mosquitto: sending specific sequences of packets may trigger memory leak

A flaw was found in Eclipse Mosquitto. A remote attacker may be able to trigger memory leakage, segmentation fault, or a heap-use-after-free condition by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE", and "PUBLISH" packets...

7.5CVSS5.7AI score0.00748EPSS
Exploits0References11
osv
osv
added 2024/01/05 11:6 a.m.4 views

OESA-2024-1026 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

7.5CVSS6.7AI score0.00675EPSS
Exploits0References2
osv
osv
added 2023/10/28 11:6 a.m.3 views

OESA-2023-1772 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

7.5CVSS6.5AI score0.00689EPSS
Exploits0References3
osv
osv
added 2023/10/13 11:6 a.m.3 views

OESA-2023-1718 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

5.8CVSS6.7AI score0.00608EPSS
Exploits0References2
osv
osv
added 2023/10/13 11:6 a.m.4 views

OESA-2023-1717 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

5.8CVSS6.7AI score0.00608EPSS
Exploits0References2
osv
osv
added 2023/10/13 11:6 a.m.3 views

OESA-2023-1716 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

5.8CVSS6.7AI score0.00608EPSS
Exploits0References2
nvd
nvd
added 2023/10/02 8:15 p.m.23 views

CVE-2023-3592

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types...

7.5CVSS6.4AI score0.00675EPSS
Exploits0References2
osv
osv
added 2023/10/02 8:15 p.m.2 views

DEBIAN-CVE-2023-3592

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types...

7.5CVSS7.3AI score0.00675EPSS
Exploits0References1
prion
prion
added 2023/10/02 8:15 p.m.29 views

Memory corruption

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types...

5CVSS7.3AI score0.00675EPSS
Exploits0References2Affected Software1
osv
osv
added 2023/10/02 7:15 p.m.3 views

ALPINE-CVE-2023-0809

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...

5.3CVSS7AI score0.00608EPSS
Exploits0References1
osv
osv
added 2023/10/02 7:15 p.m.3 views

DEBIAN-CVE-2023-0809

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...

5.3CVSS6AI score0.00608EPSS
Exploits0References1
osv
osv
added 2023/10/02 7:15 p.m.3 views

UBUNTU-CVE-2023-0809

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...

5.8CVSS6.5AI score0.00608EPSS
Exploits0References4
Rows per page
Query Builder