2 matches found
CVE-2025-66217
AIS-catcher is a cross-platform AIS receiver. Multiple connected sources describe a vulnerability in the MQTT parsing logic prior to version 0.64: an integer underflow can trigger a massive Heap Buffer Overflow when processing a malformed MQTT packet with a manipulated Topic Length field. This le...
CVE-2025-66216
AIS-catcher before v0.64 is affected by a heap buffer overflow in AIS::Message that allows writing ~1 KB into a 128-byte buffer. This has been patched in v0.64. Remediation: upgrade to 0.64+ (or apply vendor advisories). Exploitation details are not provided in the supplied documents.