VYPR
Vendor

Halfgaar

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2026-46411MedJun 10, 2026
    risk 0.35cvss 6.5epss 0.00

    FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not…

  • CVE-2026-42209MedMay 8, 2026
    risk 0.35cvss 6.5epss 0.00

    FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_message_defer_timeout and set_retained_message_defer_timeout_spread are configured…

  • CVE-2025-62723Oct 24, 2025
    risk 0.00cvss epss 0.00

    FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon (eventual) session expiration. Version 1.23.2…

  • CVE-2024-42644Jul 29, 2025
    risk 0.00cvss epss 0.01

    FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0.

  • CVE-2024-42645Jul 29, 2025
    risk 0.00cvss epss 0.01

    An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS).