CVE-2026-32696

Severity: HIGH (CVSS 3.1 base score 7.5)
EPSS: 31.7%
Published: Mar 30, 2026
Last Modified: Jun 17, 2026

Description

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In NanoMQ version 0.24.6, when auth.http_auth (HTTP authentication) is enabled and the configured params use the placeholders %u / %P (e.g., username="%u", password="%P"), a client that connects to the broker with an MQTT CONNECT that provides no username/password causes the HTTP request construction phase to enter auth_http.c:set_data(), which calls strlen() on a NULL pointer and crashes with SIGSEGV. The crash can be triggered remotely, resulting in a denial of service. This issue has been patched in version 0.24.7.
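One way to guard this kind of placeholder expansion, as an added example that is not NanoMQ's or NanoNNG's code: an absent username or password expands to an empty string instead of reaching strlen(). The names expand_params and field_len, the buffer sizes and the sample template are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not NanoMQ's set_data(): length of an optional
 * CONNECT field. The unguarded pattern is strlen(field), which is
 * undefined behaviour (SIGSEGV in practice) when field is NULL. */
static size_t field_len(const char *field)
{
    return field != NULL ? strlen(field) : 0;
}

/* Expand "%u" (username) and "%P" (password) in tmpl into out.
 * username/password may be NULL when the client sent neither.
 * Returns bytes written (excluding NUL), or -1 if out is too small. */
int expand_params(const char *tmpl, const char *username,
                  const char *password, char *out, size_t outsz)
{
    size_t used = 0;
    if (tmpl == NULL || out == NULL || outsz == 0)
        return -1;
    for (const char *p = tmpl; *p != '\0'; p++) {
        const char *src = p;      /* default: copy one literal byte */
        size_t n = 1;
        if (p[0] == '%' && (p[1] == 'u' || p[1] == 'P')) {
            src = (p[1] == 'u') ? username : password;
            n = field_len(src);   /* NULL-safe: absent field expands to "" */
            p++;                  /* skip the placeholder letter */
        }
        if (used + n >= outsz)    /* keep room for the terminator */
            return -1;
        if (n > 0)
            memcpy(out + used, src, n);
        used += n;
    }
    out[used] = '\0';
    return (int) used;
}

int main(void)
{
    char body[128];
    /* Constructed input: a CONNECT that carried no username/password. */
    int n = expand_params("username=%u&password=%P", NULL, NULL,
                          body, sizeof body);
    printf("%d bytes: %s\n", n, n >= 0 ? body : "(buffer too small)");
    return n < 0;
}
```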

CVSS Details

Base Score: 7.5
Exploitability: 3.9
Impact: 3.6
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
31.7% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-476: NULL Pointer Dereference (Memory Safety)

Affected Products 1

Vendor   Product   Version   Range
emqx     nanomq    *         <0.24.7

References 4

  • https://github.com/nanomq/NanoNNG/commit/c20aa27e5290bb480a5315099952480d35f37a8b
    Patch
  • https://github.com/nanomq/NanoNNG/pull/1394
    Issue Tracking, Patch
  • https://github.com/nanomq/nanomq/releases/tag/0.24.7
    Product, Release Notes
  • https://github.com/nanomq/nanomq/security/advisories/GHSA-77f4-wvq8-mp3p
    Exploit, Vendor Advisory

Remediation

  • https://github.com/nanomq/NanoNNG/commit/c20aa27e5290bb480a5315099952480d35f37a8b
    Patch
  • https://github.com/nanomq/NanoNNG/pull/1394
    Issue Tracking, Patch