VYPR

Vendor CVEs

Emqx

All CVEs

42 total · sorted by risk
  • CVE-2026-33356 · High · May 11, 2026
    risk 0.50 · cvss 7.7 · epss 0.00

    In Meari IoT Cloud MQTT Broker deployments running EMQX 4.x, any authenticated low-privilege account can subscribe to global wildcard topics and receive telemetry from devices the user does not own. The broker enforces publish restrictions but does not enforce equivalent…

  • CVE-2024-48077 · High · Jan 15, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    NanoMQ v0.22.7 is vulnerable to Denial of Service (DoS) due to improper resource throttling. A crafted sequence of requests causes the recv-q queue to saturate, leading to the rapid exhaustion of system file descriptors (FDs). This exhaustion triggers a process crash, rendering…

  • CVE-2026-32135 · High · Apr 20, 2026
    risk 0.42 · cvss 7.5 · epss 0.01

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the `uri_param_parse` function of NanoMQ's REST API. The vulnerability occurs due to an off-by-one error when allocating memory for…

  • CVE-2025-62413 · Med · Oct 16, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting (XSS) vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the…

  • CVE-2025-65953 · Med · Nov 25, 2025
    risk 0.39 · cvss · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.22.5, a Heap-Use-After-Free (UAF) vulnerability exists in the TCP transport component of NanoMQ, which relies on the underlying NanoNNG library (specifically in…

  • CVE-2026-25627 · Med · Mar 30, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual…

  • CVE-2026-32134 · Med · May 19, 2026
    risk 0.31 · cvss 5.9 · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption…

  • CVE-2026-30867 · Med · Apr 2, 2026
    risk 0.30 · cvss 5.7 · epss 0.00

    CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker (or a compromised/malicious MQTT broker) to remotely crash the host iOS/macOS/tvOS…

  • CVE-2026-6564 · Med · Apr 19, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It is possible to launch the attack remotely. The exploit has been made public and…

  • CVE-2026-34608 · Med · Apr 2, 2026
    risk 0.25 · cvss 4.9 · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhook_inproc.c, the hook_work_cb() function processes nng messages by parsing the message body with cJSON_Parse(body). The body is obtained from nng_msg_body(msg), which…

  • CVE-2026-44640 · Med · May 29, 2026
    risk 0.22 · cvss 4.5 · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn* during dialing, but read as ex_quic_conn* during dialer close. This type confusion causes invalid object interpretation and leads to close-path…

  • CVE-2026-8741 · Low · May 17, 2026
    risk 0.20 · cvss 3.1 · epss 0.00

    A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The attack may be performed from remote. A high…

  • CVE-2025-52136 · Low · Aug 10, 2025
    risk 0.20 · cvss 3.0 · epss 0.00

    In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard…

  • CVE-2026-32696 · Low · Mar 30, 2026
    risk 0.13 · cvss 3.1 · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In NanoMQ version 0.24.6, after enabling auth.http_auth (HTTP authentication), when a client connects to the broker using MQTT CONNECT without providing username/password, and the configuration params uses the…

  • CVE-2026-45151 · Low · May 29, 2026
    risk 0.12 · cvss · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c->mtx.

  • CVE-2026-21888 · Mar 11, 2026
    risk 0.00 · cvss · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. MQTT v5 Variable Byte Integer parsing out-of-bounds: get_var_integer() accepts 5-byte varints without bounds checks; reliably triggers OOB read / crash when built with ASan. This affects 0.24.6 and earlier.

  • CVE-2026-22040 · Mar 4, 2026
    risk 0.00 · cvss · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably…

  • CVE-2025-68699 · Feb 4, 2026
    risk 0.00 · cvss · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions ($share/). A malformed SUBSCRIBE topic such as $share/ab (missing the second /) is not strictly…

  • CVE-2025-66023 · Jan 1, 2026
    risk 0.00 · cvss · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.5 have a Heap-Use-After-Free (UAF) vulnerability within the MQTT bridge client component (implemented via the underlying NanoNNG library). The vulnerability is triggered when NanoMQ acts…

  • CVE-2025-59946 · Dec 27, 2025
    risk 0.00 · cvss · epss 0.00

    NanoMQ MQTT Broker (NanoMQ) is an Edge Messaging Platform. Prior to version 0.24.2, there is a classical data racing issue about sub info list which could result in heap use after free crash. This issue has been patched in version 0.24.2.

  • CVE-2025-59947 · Dec 15, 2025
    risk 0.00 · cvss · epss 0.00

    NanoMQ is a messaging broker/bus for IoT Edge & SDV. Versions prior to 0.24.4 have a buffer overflow case while the PUBLISH packets trigger both shared subscription and vanilla subscription. This is fixed in version 0.24.4. As a workaround, disable shared subscription.

  • CVE-2024-42655 · Jul 29, 2025
    risk 0.00 · cvss · epss 0.00

    An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters.

  • CVE-2024-42651 · Jul 29, 2025
    risk 0.00 · cvss · epss 0.00

    NanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component sub_Ctx_handle. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SUBSCRIBE message.

  • CVE-2024-42650 · Jul 15, 2025
    risk 0.00 · cvss · epss 0.01

    NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.

  • CVE-2024-42649 · Jul 14, 2025
    risk 0.00 · cvss · epss 0.00

    NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.

  • CVE-2024-42648 · Jul 14, 2025
    risk 0.00 · cvss · epss 0.00

    NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.

  • CVE-2024-42646 · Jul 14, 2025
    risk 0.00 · cvss · epss 0.00

    A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.

  • CVE-2024-44460 · Sep 12, 2024
    risk 0.00 · cvss · epss 0.00

    An invalid read size in NanoMQ v0.21.9 allows attackers to cause a Denial of Service (DoS).

  • CVE-2024-31036 · Apr 22, 2024
    risk 0.00 · cvss · epss 0.00

    A heap-buffer-overflow vulnerability in the read_byte function in NanoMQ v.0.21.7 allows attackers to cause a denial of service via transmission of crafted hexstreams.

  • CVE-2024-31041 · Apr 17, 2024
    risk 0.00 · cvss · epss 0.01

    Null Pointer Dereference vulnerability in topic_filtern function in mqtt_parser.c in NanoMQ 0.21.7 allows attackers to cause a denial of service.

  • CVE-2024-31040 · Apr 17, 2024
    risk 0.00 · cvss · epss 0.01

    Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted hexstreams.

  • CVE-2024-25767 · Feb 26, 2024
    risk 0.00 · cvss · epss 0.01

    nanomq 0.21.2 contains a Use-After-Free vulnerability in /nanomq/nng/src/core/socket.c.

  • CVE-2023-37781 · Jul 17, 2023
    risk 0.00 · cvss · epss 0.01

    An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file.

  • CVE-2023-34488 · Jun 12, 2023
    risk 0.00 · cvss · epss 0.01

    NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in the conn_handler function of mqtt_parser.c when it processes malformed messages.

  • CVE-2023-34494 · Jun 12, 2023
    risk 0.00 · cvss · epss 0.01

    NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c.

  • CVE-2023-33657 · Jun 8, 2023
    risk 0.00 · cvss · epss 0.01

    A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a…

  • CVE-2023-33660 · Jun 8, 2023
    risk 0.00 · cvss · epss 0.01

    A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.

  • CVE-2023-33658 · Jun 8, 2023
    risk 0.00 · cvss · epss 0.01

    A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.

  • CVE-2023-33659 · Jun 6, 2023
    risk 0.00 · cvss · epss 0.01

    A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.

  • CVE-2023-33656 · May 30, 2023
    risk 0.00 · cvss · epss 0.00

    A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack by causing the program to consume all available memory resources.

  • CVE-2023-29995 · May 4, 2023
    risk 0.00 · cvss · epss 0.01

    In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c

  • CVE-2023-29994 · May 4, 2023
    risk 0.00 · cvss · epss 0.01

    In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c.