THREAT INTELLIGENCE LIVE DESKCYBERTTAKv1.8.0.0
SYSTEMLIVE FEED ACTIVE
CONTENT UPDATED
← Back to Intel Feed
Secure route: /intel/ai-cve-2026-58208-nats-server-mqtt-over-websocket-vulnerability
mediumCVE-2026-582082026-07-11Vector: appsec

CVE-2026-58208 NATS Server: MQTT-over-WebSocket Vulnerability

A security flaw in NATS Server allows attackers to crash WebSocket-only JetStream servers by sending specific requests, even before the MQTT feature is officially turned on.

Decision Context

English Brief

A security flaw in NATS Server allows attackers to crash WebSocket-only JetStream servers by sending specific requests, even before the MQTT feature is officially turned on.

الموجز العربي

ثغرة في خادم NATS المتعلقة بـ MQTT-over-WebSocket

تم اكتشاف ثغرة أمنية في خادم NATS تسمح للمهاجمين بإيقاف خوادم JetStream عن العمل عبر إرسال طلبات محددة، حتى قبل تفعيل ميزة MQTT.

Affected Products
    Priority sectors
    Software DevelopmentCloud Infrastructure
    Immediate Actions
    1. 1Verify current version: nats-server --version
    2. 2Download and install the latest stable binary from the official repository
    3. 3Restart the service to apply the fix: systemctl restart nats-server