Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/06 1:34 a.m.6 views

CVE-2026-22040

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS5.9AI score0.00222EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 9:55 p.m.5 views

CVE-2026-22040

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS5.9AI score0.00222EPSS
Exploits1References2
OSV
OSV
added 2026/03/04 9:55 p.m.5 views

CVE-2026-22040 NanoMQ 0.24.6 Use-After-Free Leading to Heap Corruption and Broker Crash

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS5.8AI score0.00222EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/04 9:55 p.m.22 views

CVE-2026-22040 NanoMQ 0.24.6 Use-After-Free Leading to Heap Corruption and Broker Crash

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS0.00222EPSS
Exploits1References1
CVE
CVE
added 2026/03/04 9:55 p.m.21 views

CVE-2026-22040

The vulnerability CVE-2026-22040 affects NanoMQ (NanoMQ) Broker version 0.24.6. A crafted traffic pattern—high-frequency publishes with rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter—can reliably trigger a heap memory corruption in the Broker process, ca...

5.3CVSS5.9AI score0.00222EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2005/08/24 4:0 a.m.2 views

DEBIAN-CVE-2005-2534

Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service server crash via simultaneous TCP connections from multiple clients that use the same client certificate...

2.6CVSS6.8AI score0.00967EPSS
Exploits0References1
Rows per page
Query Builder