EUVD-2026-34200

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

CVE-2026-49199 Predator Connect W6x: RCE via MQTT

Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...

CVE-2026-44838 RabbitMQ MQTT Topic Permission Authorization Bypass

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

Security Analysis of a Communication Protocol: MQTT

This paper analyzes the security of the Message Queuing Telemetry Transport MQTT protocol in the context of the Internet of Things IoT. The main objective consists of identifying vulnerabilities and proposing security improvements. Adopting a hybrid methodology, a theoretical review was combined...

CVE-2026-33838

Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally...

CVE-2026-34329

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...

DEBIAN-CVE-2026-44248

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the MQTT 5 header Properties section is parsed and buffered before any message size limit is applied. Specifically, in MqttDecoder, the decodeVariableHeader method is called before the...

PT-2026-40614

Date: May 13, 2026 Status: ACTIVE GLOBAL EXPLOITATION / CORE INFRASTRUCTURE SHATTER Target: Microsoft Message Queuing MSMQ, all versions through Windows Server 2025 Severity: 9.8 MAXIMUM CRITICAL Unauthenticated Remote Code Execution 1. Analysis: Why "Queue-Shatter" is Today's Apex Threat While t...

EUVD-2026-29584

Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally...

EUVD-2026-29588

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...

CVE-2026-34329

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...

CVE-2026-33838

Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally...

CVE-2026-33838 Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability

...

CVE-2026-33838

Technical details about CVE-2026-33838 are not publicly available in the provided documents. Monitor for updates from vendors and advisories before assessing impact or remediation.

CVE-2026-33838 Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability

...

CVE-2026-34329 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

...

CVE-2026-34329 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

...

CVE-2026-34329

CVE-2026-34329 is a heap-based buffer overflow in Windows Message Queuing (MSMQ) that could allow an unauthenticated attacker to execute code over an adjacent network. Public details in provided connected documents describe MSMQ as affected and classify the vulnerability as remote code execution;...

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...

Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally...