Shodan
Vulnerabilities
Vulnerable Software
Emqx:  Security Vulnerabilities
CVE-2024-42655
An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-07-29
CVE-2024-42651
NanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component sub_Ctx_handle. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SUBSCRIBE message.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-07-29
CVE-2024-42650
NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-07-15
CVE-2024-42649
NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-14
CVE-2024-42646
A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-14
CVE-2024-42648
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-14
CVE-2024-10964
A vulnerability classified as critical has been found in emqx neuron up to 2.10.0. Affected is the function handle_add_plugin in the library cmd.library of the file plugins/restful/plugin_handle.c. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
CVSS Score
6.3
EPSS Score
0.004
Published
2024-11-07
CVE-2024-10965
A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this vulnerability is an unknown functionality of the file /api/v2/schema of the component JSON File Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The patch is named c9ce39747e0372aaa2157b2b56174914a12c06d8. It is recommended to apply a patch to fix this issue.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-11-07
CVE-2024-44460
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.002
Published
2024-09-12
CVE-2024-31036
A heap-buffer-overflow vulnerability in the read_byte function in NanoMQ v.0.21.7 allows attackers to cause a denial of service via transmission of crafted hexstreams.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved