CVE-2026-45151
NanoMQ: NULL Pointer Dereference
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
14th
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c->mtx.
| CWE | CWE-476 |
| Vendor | nanomq |
| Product | nanomq |
| Published | May 29, 2026 |
| Last Updated | Jun 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for nanomq nanomq
Be the first to know when new unknown vulnerabilities affecting nanomq nanomq are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
nanomq / nanomq
<= 0.24.8