Lucene search
K

34 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/29 7:30 p.m.11 views

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/29 7:30 p.m.12 views

EUVD-2026-33429

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:28 p.m.12 views

CVE-2026-44640

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS5.8AI score0.00096EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

NanoMQ 安全漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.14 contained a security vulnerability. This vulnerability stemmed from the fact that data stored as “nniquicconn” during dialing was read as “exquicconn” when the dialer was...

4.5CVSS5.8AI score0.00096EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

NanoMQ 代码问题漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.8 have code vulnerabilities. These vulnerabilities stem from the quicstreamrecv function, which cancels references to empty substream pointers when the substream is reopened,...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 5:22 p.m.15 views

EUVD-2026-30965

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

5.9CVSS5.7AI score0.00401EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/19 5:22 p.m.41 views

CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

5.9CVSS0.00401EPSS
Exploits0References4
CVE
CVE
added 2026/04/20 7:23 p.m.11 views

CVE-2026-32135

NanoMQ (MQTT broker) is affected in versions prior to 0.24.11 by a remotely triggerable heap buffer overflow in the uri_param_parse function of the REST API due to an off-by-one error when allocating memory for query parameter keys/values. An attacker can trigger this via a crafted HTTP request, ...

8.7CVSS6AI score0.00502EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/20 7:23 p.m.7 views

CVE-2026-32135 NanoMQ has Heap Buffer Overflow in URI Parameter Parsing

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the uriparamparse function of NanoMQ's REST API. The vulnerability occurs due to an off-by-one error when allocating memory for query parameter keys an...

8.7CVSS6AI score0.00502EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/03 11:2 p.m.4 views

CVE-2026-34608

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

8.2CVSS6AI score0.00359EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/02 5:52 p.m.9 views

EUVD-2026-18464

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

4.9CVSS5.9AI score0.00359EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:52 p.m.1 views

CVE-2026-34608

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

4.9CVSS5.9AI score0.00359EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.16 views

PT-2026-29862

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhook inproc.c, the hook work cb function processes nng messages by parsing the message body with cJSON Parsebody. The body is obtained from nng msg bodymsg, which is a binary buffer withou...

4.9CVSS5.9AI score0.00359EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/30 8:11 p.m.15 views

CVE-2026-32696 NanoMQ HTTP Auth: Missing username/password can trigger a NULL-pointer strlen() in auth_http.c:set_data(), causing a process crash — SIGSEGV, remotely triggerable

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In NanoMQ version 0.24.6, after enabling auth.httpauth HTTP authentication, when a client connects to the broker using MQTT CONNECT without providing username/password, and the configuration params uses the placeholders %u / %P...

3.1CVSS0.00399EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/11 3:22 p.m.26 views

CVE-2026-21888 MQTT v5 Variable Byte Integer parsing out-of-bounds: get_var_integer()

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. MQTT v5 Variable Byte Integer parsing out-of-bounds: getvarinteger accepts 5-byte varints without bounds checks; reliably triggers OOB read / crash when built with ASan. This affects 0.24.6 and earlier...

7.5CVSS0.00302EPSS
Exploits1References2
OSV
OSV
added 2026/03/11 3:22 p.m.4 views

CVE-2026-21888 MQTT v5 Variable Byte Integer parsing out-of-bounds: get_var_integer()

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. MQTT v5 Variable Byte Integer parsing out-of-bounds: getvarinteger accepts 5-byte varints without bounds checks; reliably triggers OOB read / crash when built with ASan. This affects 0.24.6 and earlier...

7.5CVSS5.8AI score0.00302EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/06 1:34 a.m.6 views

CVE-2026-22040

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS5.9AI score0.00222EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/04 9:55 p.m.21 views

CVE-2026-22040 NanoMQ 0.24.6 Use-After-Free Leading to Heap Corruption and Broker Crash

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS0.00222EPSS
Exploits1References1
OSV
OSV
added 2026/03/04 9:55 p.m.5 views

CVE-2026-22040 NanoMQ 0.24.6 Use-After-Free Leading to Heap Corruption and Broker Crash

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS5.8AI score0.00222EPSS
Exploits1References3
CVE
CVE
added 2026/03/04 9:55 p.m.20 views

CVE-2026-22040

The vulnerability CVE-2026-22040 affects NanoMQ (NanoMQ) Broker version 0.24.6. A crafted traffic pattern—high-frequency publishes with rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter—can reliably trigger a heap memory corruption in the Broker process, ca...

5.3CVSS5.9AI score0.00222EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder