CVE-2026-8741
- EPSS 0.28%
- Veröffentlicht 17.05.2026 08:15:08
- Zuletzt bearbeitet 20.05.2026 23:02:12
A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The attack may be ...
- EPSS 0.26%
- Veröffentlicht 10.08.2025 00:00:00
- Zuletzt bearbeitet 15.04.2026 00:35:42
In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptab...
CVE-2023-37781
- EPSS 0.74%
- Veröffentlicht 17.07.2023 20:15:13
- Zuletzt bearbeitet 21.11.2024 08:12:15
An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file.
CVE-2021-46434
- EPSS 0.86%
- Veröffentlicht 28.03.2022 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:34:04
EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attacker to determine if a given us...