CVE-2026-45151

Vulnerability Description

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c->mtx.

Vulnerability Details

Published Date

May 29, 2026

Last Modified

May 29, 2026

CWE ID

CWE-476

Source

NVD

Vendor

nanomq

Product

nanomq

External References

https://github.com/nanomq/nanomq/security/advisories/GHSA-9qhf-wgp4-p7w5

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment