7.5
CVE-2026-27889
- EPSS 0.41%
- Veröffentlicht 25.03.2026 19:36:36
- Zuletzt bearbeitet 26.03.2026 17:13:16
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and so is exposed to anyone who can connect to the websockets port. Versions 2.11.14 and 2.12.5 contains a fix. A workaround is available. The vulnerability only affects deployments which use WebSockets and which expose the network port to untrusted end-points. If one is able to do so, a defense in depth of restricting either of these will mitigate the attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linuxfoundation ≫ Nats-server Version >= 2.2.0 < 2.11.14
Linuxfoundation ≫ Nats-server Version >= 2.12.0 < 2.12.5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.328 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
https://github.com/nats-io/nats-server/security/advisories/GHSA-pq2q-rcw4-3hr6
https://advisories.nats.io/CVE/secnote-2026-03.txt