Lucene search
K

8 matches found

OSV
OSV
added 2026/03/25 9:16 p.m.2 views

DEBIAN-CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS6.3AI score0.00228EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/25 9:16 p.m.5 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS6.4AI score0.00228EPSS
Exploits0References3
CVE
CVE
added 2026/03/25 8:21 p.m.18 views

CVE-2026-33249

NATS-Server vulnerability CVE-2026-33249 affects versions 2.11.0 through 2.11.14 and 2.12.0 through 2.12.5. A valid client using message tracing headers can cause trace messages to be sent to an arbitrary valid subject, including subjects the client cannot publish to; the payload is a valid trace...

4.3CVSS5.9AI score0.00228EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/25 8:21 p.m.4 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS5.9AI score0.00228EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/25 8:21 p.m.8 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS6.3AI score0.00228EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/03/25 8:21 p.m.4 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS5.9AI score0.00228EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.6 views

PT-2026-27622

Name of the Vulnerable Software and Affected Versions NATS-Server versions prior to 2.11.15 NATS-Server versions prior to 2.12.6 Description NATS-Server, a high-performance server for NATS.io, is affected by an issue where a valid client utilizing message tracing headers can direct trace messages...

9.8CVSS5.9AI score0.00616EPSS
Exploits17References156
PyPA
PyPA
added 2021/12/06 6:15 p.m.11 views

PYSEC-2021-838

Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...

6.4CVSS7AI score0.00662EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder