{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T03:36:27.522","vulnerabilities":[{"cve":{"id":"CVE-2026-25627","sourceIdentifier":"security-advisories@github.com","published":"2026-03-30T21:17:07.750","lastModified":"2026-04-02T15:33:55.340","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path copies Remaining Length bytes without verifying that the current receive buffer contains that many bytes, resulting in an out-of-bounds read (ASAN reports OOB / crash). This is remotely triggerable over the WebSocket listener. This issue has been patched in version 0.24.8."},{"lang":"es","value":"NanoMQ MQTT Broker (NanoMQ) es una plataforma de mensajería de borde integral. Antes de la versión 0.24.8, el transporte MQTT-over-WebSocket de NanoMQ puede colapsar al enviar un paquete MQTT con una longitud restante (Remaining Length) deliberadamente grande en la cabecera fija mientras se proporciona una carga útil real mucho más corta. La ruta del código copia bytes de la longitud restante sin verificar que el búfer de recepción actual contenga esa cantidad de bytes, lo que resulta en una lectura fuera de límites (ASAN informa OOB / fallo). Esto puede ser activado remotamente a través del oyente de WebSocket. Este problema ha sido parcheado en la versión 0.24.8."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emqx:nanomq:*:*:*:*:*:*:*:*","versionEndExcluding":"0.24.8","matchCriteriaId":"5BCF33DD-E338-4F9C-BA28-CC3F585079AF"}]}]}],"references":[{"url":"https://github.com/nanomq/NanoNNG/commit/e80b30bad6d855593a68d18f2785bfaca6faf09e","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nanomq/NanoNNG/pull/1405","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/nanomq/nanomq/releases/tag/0.24.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/nanomq/nanomq/security/advisories/GHSA-w4rh-v3h2-j29x","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/nanomq/nanomq/security/advisories/GHSA-w4rh-v3h2-j29x","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}