Lucene search
+L

8 matches found

OSV
OSV
added 2026/03/25 9:16 p.m.3 views

DEBIAN-CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS6.3AI score0.00228EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/25 9:16 p.m.5 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS6.4AI score0.00228EPSS
Exploits0References3
CVE
CVE
added 2026/03/25 8:21 p.m.20 views

CVE-2026-33249

NATS-Server vulnerability CVE-2026-33249 affects versions 2.11.0 through 2.11.14 and 2.12.0 through 2.12.5. A valid client using message tracing headers can cause trace messages to be sent to an arbitrary valid subject, including subjects the client cannot publish to; the payload is a valid trace...

4.3CVSS5.9AI score0.00228EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/03/25 8:21 p.m.9 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS6.3AI score0.00228EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/25 8:21 p.m.5 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS5.9AI score0.00228EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/25 8:21 p.m.5 views

CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS5.9AI score0.00228EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.7 views

PT-2026-27622

Name of the Vulnerable Software and Affected Versions NATS-Server versions prior to 2.11.15 NATS-Server versions prior to 2.12.6 Description NATS-Server, a high-performance server for NATS.io, is affected by an issue where a valid client utilizing message tracing headers can direct trace messages...

9.8CVSS5.9AI score0.00616EPSS
Exploits17References156
PyPA
PyPA
added 2021/12/06 6:15 p.m.11 views

PYSEC-2021-838

Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...

6.4CVSS7AI score0.00662EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder