CVE-2026-46411

Published: Giu 10, 2026 Last Modified: Giu 10, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not catchable, and therefore causes a server abort. This issue has been patched in version 1.26.2.

248

Uncaught Exception

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart Read Application Data
Applicable Platforms
Languages: C++, Java, C#
View CWE Details
https://github.com/halfgaar/FlashMQ/commit/29e08f7b97b6e3f9…
https://github.com/halfgaar/FlashMQ/commit/29e08f7b97b6e3f96db923c2b6a260c47b49…
https://github.com/halfgaar/FlashMQ/releases/tag/v1.26.2
https://github.com/halfgaar/FlashMQ/releases/tag/v1.26.2
https://github.com/halfgaar/FlashMQ/security/advisories/GHS…
https://github.com/halfgaar/FlashMQ/security/advisories/GHSA-g35r-265r-rxrh