Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-62723 | 1 Flashmq | 1 Flashmq | 2025-10-31 | N/A | 4.3 MEDIUM |
| FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon (eventual) session expiration. Version 1.23.2 fixes the issue. | |||||
| CVE-2024-42645 | 1 Flashmq | 1 Flashmq | 2025-08-06 | N/A | 7.5 HIGH |
| An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS). | |||||
| CVE-2024-42644 | 1 Flashmq | 1 Flashmq | 2025-08-06 | N/A | 7.5 HIGH |
| FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0. | |||||