{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T22:07:54.615","vulnerabilities":[{"cve":{"id":"CVE-2026-27571","sourceIdentifier":"security-advisories@github.com","published":"2026-02-24T17:29:03.393","lastModified":"2026-02-26T19:06:26.413","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. Prior to versions 2.11.2 and 2.12.3, the implementation bound the memory size of a NATS message but did not independently bound the memory consumption of the memory stream when constructing a NATS message which might then fail validation for size reasons. An attacker can use a compression bomb to cause excessive memory consumption, often resulting in the operating system terminating the server process. The use of compression is negotiated before authentication, so this does not require valid NATS credentials to exploit. The fix, present in versions 2.11.2 and 2.12.3, was to bounds the decompression to fail once the message was too large, instead of continuing on. The vulnerability only affects deployments which use WebSockets and which expose the network port to untrusted end-points."},{"lang":"es","value":"NATS-Server es un servidor de alto rendimiento para NATS.io, un sistema de mensajería nativo de la nube y el perímetro (edge). El manejo de mensajes NATS por WebSockets gestiona mensajes comprimidos a través de la compresión negociada por WebSockets. Antes de las versiones 2.11.2 y 2.12.3, la implementación limitaba el tamaño de la memoria de un mensaje NATS, pero no limitaba de forma independiente el consumo de memoria del flujo de memoria al construir un mensaje NATS que luego podría fallar la validación por razones de tamaño. Un atacante puede usar una bomba de compresión para provocar un consumo excesivo de memoria, lo que a menudo resulta en que el sistema operativo termine el proceso del servidor. El uso de la compresión se negocia antes de la autenticación, por lo que esto no requiere credenciales NATS válidas para explotarlo. La solución, presente en las versiones 2.11.2 y 2.12.3, fue establecer límites para que la descompresión fallara una vez que el mensaje fuera demasiado grande, en lugar de continuar. La vulnerabilidad solo afecta a las implementaciones que usan WebSockets y que exponen el puerto de red a endpoints no confiables."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-409"},{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionEndExcluding":"2.11.12","matchCriteriaId":"84A02A21-D310-4BAA-BE58-472410934027"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.12.0","versionEndExcluding":"2.12.3","matchCriteriaId":"82EF19F0-15AD-422C-86C7-0D669060AC6F"}]}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/f77fb7c4535e6727cc1a2899cd8e6bbdd8ba2017","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.11.12","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.3","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-qrvq-68c2-7grw","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}