Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/03/27 12:25 a.m.4 views

SUSE CVE-2026-27889

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...

7.5CVSS6AI score0.00582EPSS
Exploits0References4
OSV
OSV
added 2026/03/25 7:38 p.m.2 views

CVE-2026-29785 NATS Server panic via malicious compression on leafnode port

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled not default, then anyone who can connect can crash the nats-server by triggering a panic. This happens...

7.5CVSS6.3AI score0.00658EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/25 7:36 p.m.4 views

CVE-2026-27889

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...

7.5CVSS5.9AI score0.00582EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/24 8:55 p.m.22 views

CVE-2026-33215 NATS is vulnerable to MQTT hijacking via Client ID

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server provides an MQTT client interface. Prior to versions 2.11.15 and 2.12.5, Sessions and Messages can by hijacked via MQTT Client ID malfeasance. Versions 2.11.15 and 2.12.5 patch the issu...

6.5CVSS0.0024EPSS
Exploits0References2
Rows per page
Query Builder