CVE-2026-45151

Published: Mag 29, 2026 Last Modified: Mag 29, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 2,9

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c->mtx.

476

NULL Pointer Dereference

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality

Potential Impacts:

Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands Read Memory Modify Memory

Applicable Platforms

Languages: C, C++, Java, C#, Go

Likelihood of Exploit: Medium

View CWE Details

https://github.com/nanomq/nanomq/security/advisories/GHSA-9…

https://github.com/nanomq/nanomq/security/advisories/GHSA-9qhf-wgp4-p7w5

CVE-2026-45151

Description

NULL Pointer Dereference

Common Consequences

Applicable Platforms

Iscriviti alla newsletter