Denial of Service Vulnerability in NanoMQ by NanoMQ Team
CVE-2024-42646

7.5HIGH

Key Information:

Vendor: NanoMQ Team
Status: NanoMQ
Vendor: CVE Published:; 14 July 2025

🔔 Create NanoMQ Team Vulnerability Alert

What is CVE-2024-42646?

A segmentation fault in NanoMQ version 0.21.10 can be exploited by attackers to launch a Denial of Service (DoS) attack. By sending specially crafted messages, an attacker can trigger this fault, causing the application to become unresponsive and ultimately leading to service interruption. It is essential for users to review their configurations and apply security patches as necessary to mitigate the risks associated with this flaw.

References

https://github.com/nanomq/nanomq

https://github.com/songxpu/bug_report/blob/master/MQTT/Na...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 14, 2025
Vulnerability Reserved
Aug 5, 2024

JSON