CNNVD-202507-3643 Information

CNNVD ID

CNNVD-202507-3643

Related CVE

CVE-2024-42651

• CNNVD Published: 2025-07-29

Description (Chinese)

NanoMQ是美国EMQ开源的一款用于物联网边缘平台的轻量级快速 MQTT Broker。 NanoMQ 0.17.9版本存在安全漏洞，该漏洞源于sub_Ctx_handle组件存在堆释放后重用，可能导致拒绝服务攻击。

Description (English)

NanoMQ is a lightweight fast MQTT Broker for the EEMQ open source in the United States of America. The NanoMQ 0.17.9 version has a security loophole, which stems from the re-use of sub Ctx handle components after their release and may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

EMQ

Published

2025-07-29

Last Modified

2026-02-24

References

https://github.com/nanomq/nanomq https://github.com/nanomq/nanomq/issues/1217 https://github.com/songxpu/bug_report/blob/master/MQTT/NanoMQ/CVE-2024-42651.md https://access.redhat.com/security/cve/cve-2024-42651

Patch

https://github.com/nanomq/nanomq/releases