High severity7.5NVD Advisory· Published Dec 3, 2024· Updated Apr 15, 2026

CVE-2024-50948

Description

mochiMQTT v2.6.3 is vulnerable to Denial of Service (DoS) due to improper resource management. An attacker can exhaust system memory and crash the broker by establishing and maintaining a large number of malicious, long-term publish/subscribe sessions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Mochi Mqtt/Serverreferences
Mochi Mqtt/mochiMQTTllm-create
Range: = 2.6.3
osv-coords
pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
Range: < 0.0.20241209T183251-1.1

Patches

Vulnerability mechanics

References

gist.github.com/pengwGit/39760ed5ae03171622ca8215dc0d8c60nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000