4 matches found
CVE-2026-54412
CVE-2026-54412 affects LiamBindle MQTT-C up to v1.1.6. The vulnerability is a heap-based out-of-bounds read and integer underflow in mqtt_unpack_publish_response() (src/mqtt.c). A broker-controlled or injected PUBLISH packet can allow a remote unauthenticated attacker to crash a subscribed MQTT-C...
curl: integer Overflow in MQTT Protocol Handling Allows Bypassing Message Size Limit
Summary: A logic error involving an integer overflow specifically, an unsigned integer underflow exists in the lib/mqtt.c file within the mqttpublish function. This vulnerability allows an attacker or a malicious user configuration to bypass the explicit MAXMQTTMESSAGESIZE check. The vulnerabilit...
Linux Distros Unpatched Vulnerability : CVE-2021-41036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check remlen size in readpacket. CVE-2021-41036 Note that Nessus relies on the...
CVE-2021-41036
In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check remlen size in readpacket...