Out-of-Bounds Read Vulnerability in NanoMQ MQTT Broker
CVE-2026-25627

6.5MEDIUM

Key Information:

Vendor

NanoMQ

Status
NanoMQ
Vendor
CVE Published:
30 March 2026

What is CVE-2026-25627?

The NanoMQ MQTT Broker, an Edge Messaging Platform, suffers from an out-of-bounds read vulnerability that can be exploited via its MQTT-over-WebSocket transport. Versions before 0.24.8 allow attackers to crash the broker by sending a malformed MQTT packet with a larger than expected Remaining Length header, while providing a shorter payload. This discrepancy can lead to the copying of non-existent bytes from the buffer, resulting in application crashes. The vulnerability is remotely exploitable, necessitating an upgrade to version 0.24.8 or later to mitigate the issue.

Affected Version(s)

nanomq < 0.24.8

References

https://github.com/nanomq/nanomq/security/advisories/GHSA...
x_refsource_CONFIRM
https://github.com/nanomq/NanoNNG/pull/1405
x_refsource_MISC
https://github.com/nanomq/NanoNNG/commit/e80b30bad6d85559...
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.