3 matches found
CVE-2026-58214
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an authenticated MQTT client could subscribe to the internal $MQTT.deliver.pubrel subject family, bypassing configured subscribe permissions and exposing MQTT QoS2 protoc...
CVE-2026-8741 EMQX QoS 2 PUBLISH Packet emqx_persistent_session_ds.erl race condition
A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqxpersistentsessionds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The attack may be performed from remote. A high complexity level is...
Eclipse Mosquitto Security Vulnerability
Eclipse Mosquitto is the Eclipse Foundation's open source messaging agent software. A security vulnerability exists in Eclipse Mosquitto versions 1.3.2 through 2.0.16, which stems from incorrect handling of EAGAIN in the libc send function, a memory leak in the proxy, and a remote abuse of the...