Advanced Filters
CVE Vulnerabilities for "vendor:flashmq"
Showing 1-3 of 3 CVEs (filtered from 316,546 total)
FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon (eventual) session expiration. Version 1.23.2 fixes the issue.
MEDIUM 4.3
EPSS 0.0%
10/24/2025
2025
An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS).
HIGH 7.5
EPSS 0.1%
7/29/2025
2024
FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0.
HIGH 7.5
EPSS 0.1%
7/29/2025
2024
| Description | Year | ||||
|---|---|---|---|---|---|
4.3MEDIUM | 0.0%Minimal | - | 2025 | ||
7.5HIGH | 0.1%Minimal | - | 2024 | ||
7.5HIGH | 0.1%Minimal | - | 2024 |
Page 1 of 2