NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-07-15
NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in the conn_handler function of mqtt_parser.c when it processes malformed messages.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-06-12