Lucene search
+L

310 matches found

euvd
euvd
added 21 hours ago5 views

EUVD-2026-44847

An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...

7.5CVSS6.1AI score
Exploits0References3
nvd
nvd
added yesterday5 views

CVE-2026-36590

An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...

7.5CVSS
Exploits0References2
cvelist
cvelist
added yesterday31 views

CVE-2026-36590

An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...

Exploits0References2
cve
cve
added yesterday11 views

CVE-2026-36590

An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...

7.5CVSS6.1AI score
Exploits0References2Affected Software1
redhatcve
redhatcve
added 2026/06/05 7:35 p.m.10 views

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

5.9CVSS5.4AI score0.00401EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:25 p.m.10 views

CVE-2026-44640

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS5.5AI score0.00096EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:20 p.m.12 views

CVE-2026-32135

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the uriparamparse function of NanoMQ's REST API. The vulnerability occurs due to an off-by-one error when allocating memory for query parameter keys an...

8.7CVSS5.8AI score0.00502EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/06/01 4:3 p.m.16 views

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
nvd
nvd
added 2026/05/29 8:16 p.m.20 views

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS0.00227EPSS
Exploits0References1
nvd
nvd
added 2026/05/29 8:16 p.m.20 views

CVE-2026-44640

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS0.00096EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/29 7:30 p.m.10 views

CVE-2026-45151 NanoMQ: NULL Pointer Dereference

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/29 7:30 p.m.44 views

CVE-2026-45151 NanoMQ: NULL Pointer Dereference

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS0.00227EPSS
Exploits0References1
osv
osv
added 2026/05/29 7:30 p.m.4 views

CVE-2026-45151 NanoMQ: NULL Pointer Dereference

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS6AI score0.00227EPSS
Exploits0References3
cve
cve
added 2026/05/29 7:30 p.m.47 views

CVE-2026-45151

NanoMQ (0.24.8 and earlier) contains a NULL substream pointer dereference in quic_stream_recv when a substream is reopening. The vulnerable code finishes AIO with an error but does not return before locking c->mtx, indicating a potential NULL dereference and an unlocked/locked state issue in t...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/29 7:28 p.m.38 views

CVE-2026-44640 NanoMQ: QUIC Dialer Close Type Confusion

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS0.00096EPSS
Exploits0References2
euvd
euvd
added 2026/05/29 7:28 p.m.12 views

EUVD-2026-33428

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS5.8AI score0.00096EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/29 7:28 p.m.21 views

CVE-2026-44640 NanoMQ: QUIC Dialer Close Type Confusion

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS5.8AI score0.00096EPSS
Exploits0References2
cve
cve
added 2026/05/29 7:28 p.m.47 views

CVE-2026-44640

CVE-2026-44640 affects NanoMQ (MQTT Broker). The issue is a type confusion in the QUIC dialer: aio->prov_data is stored as nni_quic_conn * during dialing but read as ex_quic_conn * during dialer close, leading to invalid object interpretation and a close-path hang/crash. This describes the vul...

4.5CVSS5.8AI score0.00096EPSS
Exploits0References2
osv
osv
added 2026/05/29 7:28 p.m.3 views

CVE-2026-44640 NanoMQ: QUIC Dialer Close Type Confusion

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS5.9AI score0.00096EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/05/29 12:0 a.m.17 views

PT-2026-44985

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-prov data is stored as nni quic conn during dialing, but read as ex quic conn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

4.5CVSS5.8AI score0.00096EPSS
Exploits0References3
Rows per page
Query Builder