Known Vulnerabilities for products from Emqx
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Emqx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34608 json | NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhook_inproc.c,... | Not Provided | 2026-04-02 | 2026-04-10 |
| CVE-2026-32696 json | NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In NanoMQ version 0.24.6, after enabling auth.http_auth... | Not Provided | 2026-03-30 | 2026-04-13 |
| CVE-2026-32135 json | NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable h... | Not Provided | 2026-04-20 | 2026-04-22 |
| CVE-2026-30867 json | CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in ... | Not Provided | 2026-04-02 | 2026-04-07 |
| CVE-2026-25627 json | NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket... | Not Provided | 2026-03-30 | 2026-04-02 |
| CVE-2026-6564 json | Not Provided | 2026-04-19 | 2026-04-20 | |
| CVE-2024-48077 json | NanoMQ v0.22.7 is vulnerable to Denial of Service (DoS) due to improper resource throttling. A crafted sequence of requests c... | Not Provided | 2026-01-15 | 2026-04-03 |
| CVE-2023-37781 json | An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt ... | 6.5 - MEDIUM | 2023-07-17 | 2023-07-28 |
| CVE-2023-34494 json | NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c. | 7.5 - HIGH | 2023-06-12 | 2023-06-16 |
| CVE-2023-34488 json | NanoMQ 0.17.5 is vulnerable to heap-buffer-overflow in the conn_handler function of mqtt_parser.c when it processes malformed... | 7.8 - HIGH | 2023-06-12 | 2023-06-16 |
| CVE-2023-33660 json | A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copy... | 7.5 - HIGH | 2023-06-08 | 2023-06-14 |
| CVE-2023-33659 json | A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_... | 7.5 - HIGH | 2023-06-06 | 2023-06-15 |
| CVE-2023-33658 json | A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_... | 7.5 - HIGH | 2023-06-08 | 2023-06-14 |
| CVE-2023-33657 json | A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_m... | 7.5 - HIGH | 2023-06-08 | 2023-06-14 |
| CVE-2023-33656 json | A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could ex... | 5.5 - MEDIUM | 2023-05-30 | 2023-06-06 |
| CVE-2023-29996 json | In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfo_decode and unsubin... | 7.5 - HIGH | 2023-05-04 | 2023-05-10 |
| CVE-2023-29995 json | In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c | 7.5 - HIGH | 2023-05-04 | 2023-05-10 |
| CVE-2023-29994 json | In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c. | 7.5 - HIGH | 2023-05-04 | 2023-05-10 |
| CVE-2021-46434 json | ** UNSUPPORTED WHEN ASSIGNED ** EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. ... | 5.3 - MEDIUM | 2022-03-28 | 2023-11-07 |
| CVE-2021-33175 json | EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption... | 7.5 - HIGH | 2021-06-08 | 2021-06-16 |