VYPR
High severity7.4GHSA Advisory· Published Nov 6, 2025· Updated Apr 15, 2026

CVE-2025-12790

CVE-2025-12790

Description

A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle (MITM) attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mqttRubyGems
< 0.7.00.7.0

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.