CNNVD-202511-2694 Information

CNNVD ID

CNNVD-202511-2694

Related CVE

CVE-2025-65953

• CNNVD Published: 2025-11-25

Description (Chinese)

NanoMQ是美国EMQ开源的一款用于物联网边缘平台的轻量级快速 MQTT Broker。 NanoMQ 0.22.5之前版本存在资源管理错误漏洞，该漏洞源于TCP传输组件中存在释放后重用，可能导致内存损坏。

Description (English)

NanoMQ is a lightweight fast MQTT Broker for the EEMQ open source in the United States of America. The previous version of NanoMQ 0.22.5 had a resource management error gap, which stemmed from the presence of post-release reuse in the TCP transmission component and could lead to memory damage.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

EMQ

Published

2025-11-25

Last Modified

2026-02-24

References

https://github.com/nanomq/nanomq/security/advisories/GHSA-r95p-wjm8-2qxr https://access.redhat.com/security/cve/cve-2025-65953

Patch

https://github.com/nanomq/nanomq/releases