High severity7.5NVD Advisory· Published May 15, 2026· Updated May 19, 2026
CVE-2026-8686
CVE-2026-8686
Description
Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet.
To remediate this issue, users should upgrade to v5.0.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- aws.amazon.com/security/security-bulletins/2026-032-aws/nvdVendor Advisory
- github.com/FreeRTOS/coreMQTT/security/advisories/GHSA-6qh9-r6jp-2wxcnvdVendor Advisory
- github.com/FreeRTOS/coreMQTT/releases/tag/v5.0.1nvdRelease Notes
News mentions
0No linked articles in our index yet.