Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    285 vulnerabilities by cesanta

    CVE-2026-11404 (GCVE-0-2026-11404)

    Vulnerability from nvd – Published: 2026-07-09 15:13 – Updated: 2026-07-10 15:40
    VLAI
    Title
    Cesanta Mongoose before 7.22 Out-of-Bounds Read in MG_TLS_BUILTIN ClientHello Session ID Parsing
    Summary
    Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated attacker can send a single crafted ClientHello with an oversized session id length to read past the receive buffer, crashing any HTTPS, MQTTS, or WSS service built on MG_TLS_BUILTIN.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 0 , < 7.22 (custom)
    Create a notification for this product.
    Date Public
    2026-07-09 00:00
    Credits
    Shukhratbek Uraiimov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11404",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T16:09:47.106576Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T16:09:53.129Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThan": "7.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.22",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Shukhratbek Uraiimov"
            }
          ],
          "datePublic": "2026-07-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated attacker can send a single crafted ClientHello with an oversized session id length to read past the receive buffer, crashing any HTTPS, MQTTS, or WSS service built on MG_TLS_BUILTIN."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-10T15:40:04.432Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "Mongoose 7.22 Release Notes",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.22"
            },
            {
              "name": "Product",
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose"
            },
            {
              "name": "Patch Commit",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/c288ac1f38424ffdd4d2fd5e1893fd4962642db3"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/cesanta-mongoose-out-of-bounds-read-in-mg-tls-builtin-clienthello-session-id-parsing"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Cesanta Mongoose before 7.22 Out-of-Bounds Read in MG_TLS_BUILTIN ClientHello Session ID Parsing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-11404",
        "datePublished": "2026-07-09T15:13:40.148Z",
        "dateReserved": "2026-06-05T17:46:47.767Z",
        "dateUpdated": "2026-07-10T15:40:04.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6986 (GCVE-0-2026-6986)

    Vulnerability from nvd – Published: 2026-04-25 16:30 – Updated: 2026-04-27 13:36 X_Open Source
    VLAI
    Title
    Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification
    Summary
    A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.21 is capable of addressing this issue. It is advisable to upgrade the affected component. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6986",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T13:33:26.520467Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T13:36:06.578Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "GCM Authentication Tag Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.21 is capable of addressing this issue. It is advisable to upgrade the affected component. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T16:30:13.067Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359529 | Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/359529"
            },
            {
              "name": "VDB-359529 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359529/cti"
            },
            {
              "name": "Submit #796231 | Cesanta Mongoose 7.20 Improper Verification of Cryptographic Signature",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/796231"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/AESGCM.md"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T21:18:01.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6986",
        "datePublished": "2026-04-25T16:30:13.067Z",
        "dateReserved": "2026-04-24T19:12:51.609Z",
        "dateUpdated": "2026-04-27T13:36:06.578Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6985 (GCVE-0-2026-6985)

    Vulnerability from nvd – Published: 2026-04-25 16:15 – Updated: 2026-04-27 12:35 X_Open Source
    VLAI
    Title
    Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop
    Summary
    A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the component TCP Option Handler. This manipulation of the argument optlen causes infinite loop. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 7.21 is able to resolve this issue. Upgrading the affected component is advised. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6985",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T12:35:19.133011Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T12:35:36.821Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "TCP Option Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the component TCP Option Handler. This manipulation of the argument optlen causes infinite loop. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 7.21 is able to resolve this issue. Upgrading the affected component is advised. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "Infinite Loop",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T16:15:13.639Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359528 | Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/359528"
            },
            {
              "name": "VDB-359528 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359528/cti"
            },
            {
              "name": "Submit #796230 | Cesanta Mongoose 7.20 Denial of Service",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/796230"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/TCP_opt_dos.md"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T21:17:57.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6985",
        "datePublished": "2026-04-25T16:15:13.639Z",
        "dateReserved": "2026-04-24T19:12:47.755Z",
        "dateUpdated": "2026-04-27T12:35:36.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5246 (GCVE-0-2026-5246)

    Vulnerability from nvd – Published: 2026-04-02 09:45 – Updated: 2026-04-02 13:07 X_Open Source
    VLAI
    Title
    Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization
    Summary
    A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. Upgrading to version 7.21 is able to address this issue. This patch is called 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    the_evilsocket (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5246",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T13:06:36.226342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T13:07:02.788Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "P-384 Public Key Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "the_evilsocket (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. Upgrading to version 7.21 is able to address this issue. This patch is called 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.1,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T09:45:11.602Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354827 | Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/354827"
            },
            {
              "name": "VDB-354827 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354827/cti"
            },
            {
              "name": "Submit #770104 | Cesanta Mongoose 7.20 Authorization Bypass",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/770104"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-02T09:48:27.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5246",
        "datePublished": "2026-04-02T09:45:11.602Z",
        "dateReserved": "2026-03-31T14:45:56.419Z",
        "dateUpdated": "2026-04-02T13:07:02.788Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5245 (GCVE-0-2026-5245)

    Vulnerability from nvd – Published: 2026-04-02 09:00 – Updated: 2026-04-02 14:27 X_Open Source
    VLAI
    Title
    Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow
    Summary
    A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been made public and could be used. Upgrading to version 7.21 will fix this issue. The patch is named 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    the_evilsocket (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5245",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T14:27:05.438550Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T14:27:27.092Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "mDNS Record Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "the_evilsocket (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been made public and could be used. Upgrading to version 7.21 will fix this issue. The patch is named 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.1,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T09:00:19.688Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354826 | Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/354826"
            },
            {
              "name": "VDB-354826 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354826/cti"
            },
            {
              "name": "Submit #770103 | Cesanta Mongoose 7.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/770103"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-02T09:48:24.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5245",
        "datePublished": "2026-04-02T09:00:19.688Z",
        "dateReserved": "2026-03-31T14:45:52.658Z",
        "dateUpdated": "2026-04-02T14:27:27.092Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5244 (GCVE-0-2026-5244)

    Vulnerability from nvd – Published: 2026-04-02 08:00 – Updated: 2026-04-02 13:31 X_Open Source
    VLAI
    Title
    Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow
    Summary
    A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.21 mitigates this issue. The name of the patch is 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    the_evilsocket (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5244",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T13:22:55.955451Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T13:31:54.915Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "TLS 1.3 Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "the_evilsocket (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.21 mitigates this issue. The name of the patch is 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T08:00:19.770Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354825 | Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/354825"
            },
            {
              "name": "VDB-354825 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354825/cti"
            },
            {
              "name": "Submit #770063 | Cesanta Mongoose 7.20 Heap-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/770063"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-02T09:48:19.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5244",
        "datePublished": "2026-04-02T08:00:19.770Z",
        "dateReserved": "2026-03-31T14:45:47.381Z",
        "dateUpdated": "2026-04-02T13:31:54.915Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2018-25193 (GCVE-0-2018-25193)

    Vulnerability from nvd – Published: 2026-03-06 12:19 – Updated: 2026-03-09 18:05
    VLAI
    Title
    Mongoose Web Server 6.9 Denial of Service via Socket Connection
    Summary
    Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service unavailability.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1188 - Initialization of a Resource with an Insecure Default
    Assigner
    References
    Impacted products
    Date Public
    2018-11-11 12:00
    Credits
    Ihsan Sencan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25193",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-09T18:04:00.714085Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-09T18:05:12.812Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Mongoose Web Server",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.9"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ihsan Sencan"
            }
          ],
          "datePublic": "2018-11-11T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service unavailability."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1188",
                  "description": "Initialization of a Resource with an Insecure Default",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-06T12:19:18.181Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-45819",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/45819"
            },
            {
              "name": "VulnCheck Advisory: Mongoose Web Server 6.9 Denial of Service via Socket Connection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/mongoose-web-server-denial-of-service-via-socket-connection"
            }
          ],
          "title": "Mongoose Web Server 6.9 Denial of Service via Socket Connection",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2018-25193",
        "datePublished": "2026-03-06T12:19:18.181Z",
        "dateReserved": "2026-03-06T11:59:56.248Z",
        "dateUpdated": "2026-03-09T18:05:12.812Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2968 (GCVE-0-2026-2968)

    Vulnerability from nvd – Published: 2026-02-23 03:02 – Updated: 2026-02-23 17:26 X_Open Source
    VLAI
    Title
    Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification
    Summary
    A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is said to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2968",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-23T17:26:42.762866Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-23T17:26:53.648Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Poly1305 Authentication Tag Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is said to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-23T03:02:07.673Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-347335 | Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.347335"
            },
            {
              "name": "VDB-347335 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.347335"
            },
            {
              "name": "Submit #757091 | Cesanta Mongoose Embedded Web Server 7.20 Improper Verification of Cryptographic Signature",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.757091"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/ChaCha20Poly1305.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/ChaCha20Poly1305.md#poc"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-22T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-02-22T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-02-22T09:02:39.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-2968",
        "datePublished": "2026-02-23T03:02:07.673Z",
        "dateReserved": "2026-02-22T07:57:31.932Z",
        "dateUpdated": "2026-02-23T17:26:53.648Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2967 (GCVE-0-2026-2967)

    Vulnerability from nvd – Published: 2026-02-23 02:32 – Updated: 2026-02-23 13:32 X_Open Source
    VLAI
    Title
    Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source
    Summary
    A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-940 - Improper Verification of Source of a Communication Channel
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2967",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-23T13:32:47.660229Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-23T13:32:57.830Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "TCP Sequence Number Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack\u0027s complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-940",
                  "description": "Improper Verification of Source of a Communication Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-23T02:32:07.568Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-347334 | Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.347334"
            },
            {
              "name": "VDB-347334 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.347334"
            },
            {
              "name": "Submit #755450 | Cesanta Mongoose Embedded Web Server 7.20 Improper Validation of Specified Index, Position, or Offset in I",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.755450"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/tcp_rst.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/tcp_rst.md#poc"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-22T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-02-22T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-02-22T09:02:38.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-2967",
        "datePublished": "2026-02-23T02:32:07.568Z",
        "dateReserved": "2026-02-22T07:57:28.584Z",
        "dateUpdated": "2026-02-23T13:32:57.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2966 (GCVE-0-2026-2966)

    Vulnerability from nvd – Published: 2026-02-23 02:02 – Updated: 2026-02-23 13:36 X_Open Source
    VLAI
    Title
    Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values
    Summary
    A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched remotely. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-330 - Insufficiently Random Values
    • CWE-310 - Cryptographic Issues
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2966",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-23T13:36:36.825692Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-23T13:36:51.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "DNS Transaction ID Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched remotely. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-330",
                  "description": "Insufficiently Random Values",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-310",
                  "description": "Cryptographic Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-23T02:02:08.202Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-347333 | Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.347333"
            },
            {
              "name": "VDB-347333 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.347333"
            },
            {
              "name": "Submit #755304 | Cesanta Mongoose Embedded Web Server 7.20 Insufficiently Random Values",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.755304"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/mg_sendnsreq.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/mg_sendnsreq.md#poc"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-22T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-02-22T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-02-22T09:02:36.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-2966",
        "datePublished": "2026-02-23T02:02:08.202Z",
        "dateReserved": "2026-02-22T07:57:24.272Z",
        "dateUpdated": "2026-02-23T13:36:51.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65502 (GCVE-0-2025-65502)

    Vulnerability from nvd – Published: 2025-11-24 00:00 – Updated: 2025-11-24 18:29
    VLAI
    Summary
    Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where SSL_CTX_get_cert_store() returns NULL.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65502",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-24T18:28:47.531864Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-476",
                    "description": "CWE-476 NULL Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-24T18:29:36.744Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where SSL_CTX_get_cert_store() returns NULL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-24T13:59:02.214Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/cesanta/mongoose/issues/3306"
            },
            {
              "url": "https://github.com/cesanta/mongoose/pull/3307"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-65502",
        "datePublished": "2025-11-24T00:00:00.000Z",
        "dateReserved": "2025-11-18T00:00:00.000Z",
        "dateUpdated": "2025-11-24T18:29:36.744Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-51495 (GCVE-0-2025-51495)

    Vulnerability from nvd – Published: 2025-09-29 00:00 – Updated: 2025-10-01 15:21
    VLAI
    Summary
    An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-51495",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-29T19:55:19.399329Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-190",
                    "description": "CWE-190 Integer Overflow or Wraparound",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-30T17:26:32.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-01T15:21:21.511Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/cesanta/mongoose"
            },
            {
              "url": "https://github.com/cesanta/mongoose/pull/3131"
            },
            {
              "url": "https://github.com/cainiao159357/CVE-2025-51495"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-51495",
        "datePublished": "2025-09-29T00:00:00.000Z",
        "dateReserved": "2025-06-16T00:00:00.000Z",
        "dateUpdated": "2025-10-01T15:21:21.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-0696 (GCVE-0-2025-0696)

    Vulnerability from nvd – Published: 2025-01-27 11:12 – Updated: 2025-02-12 20:01
    VLAI
    Summary
    A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Frozen Affected: 0 , < 1.7 (semver)
    Create a notification for this product.
    Credits
    Diego Zaffaroni of Nozomi Networks found this bug during a security research activity.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0696",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T13:26:21.194656Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:01:13.272Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/cesanta/frozen/",
              "defaultStatus": "unaffected",
              "product": "Frozen",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThan": "1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Diego Zaffaroni of Nozomi Networks found this bug during a security research activity."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A NULL Pointer Dereference\u0026nbsp;vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
                }
              ],
              "value": "A NULL Pointer Dereference\u00a0vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-27T11:12:00.703Z",
            "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
            "shortName": "Nozomi"
          },
          "references": [
            {
              "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0696"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "assignerShortName": "Nozomi",
        "cveId": "CVE-2025-0696",
        "datePublished": "2025-01-27T11:12:00.703Z",
        "dateReserved": "2025-01-24T09:14:05.384Z",
        "dateUpdated": "2025-02-12T20:01:13.272Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-0695 (GCVE-0-2025-0695)

    Vulnerability from nvd – Published: 2025-01-27 11:11 – Updated: 2025-02-12 20:01
    VLAI
    Summary
    An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Frozen Affected: 0 , < 1.7 (semver)
    Create a notification for this product.
    Credits
    Diego Zaffaroni of Nozomi Networks found this bug during a security research activity.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0695",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T13:26:36.273103Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:01:13.392Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/cesanta/frozen/",
              "defaultStatus": "unaffected",
              "product": "Frozen",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThan": "1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Diego Zaffaroni of Nozomi Networks found this bug during a security research activity."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Allocation of Resources Without Limits or\u0026nbsp;Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
                }
              ],
              "value": "An Allocation of Resources Without Limits or\u00a0Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-27T11:11:50.239Z",
            "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
            "shortName": "Nozomi"
          },
          "references": [
            {
              "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0695"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "assignerShortName": "Nozomi",
        "cveId": "CVE-2025-0695",
        "datePublished": "2025-01-27T11:11:50.239Z",
        "dateReserved": "2025-01-24T09:14:04.340Z",
        "dateUpdated": "2025-02-12T20:01:13.392Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42392 (GCVE-0-2024-42392)

    Vulnerability from nvd – Published: 2024-11-18 09:07 – Updated: 2024-11-18 13:35
    VLAI
    Title
    Improper Neutralization of Delimiters in Mongoose Web Server library
    Summary
    Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-140 - Improper Neutralization of Delimiters
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Web Server Affected: 0 , ≤ 7.14 (semver)
    Create a notification for this product.
    Credits
    Gabriele Quagliarella
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42392",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T13:35:12.960867Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T13:35:30.655Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/cesanta/mongoose",
              "defaultStatus": "unaffected",
              "product": "Mongoose Web Server",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThanOrEqual": "7.14",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gabriele Quagliarella"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters."
                }
              ],
              "value": "Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-140",
                  "description": "CWE-140 Improper Neutralization of Delimiters",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T09:07:09.562Z",
            "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
            "shortName": "Nozomi"
          },
          "references": [
            {
              "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42392"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "It is suggested to update the Mongoose Web Server library to v7.15."
                }
              ],
              "value": "It is suggested to update the Mongoose Web Server library to v7.15."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Improper Neutralization of Delimiters in Mongoose Web Server library",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIt is highly recommended to not expose the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "It is highly recommended to not expose the vulnerable component inside an untrusted network."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "assignerShortName": "Nozomi",
        "cveId": "CVE-2024-42392",
        "datePublished": "2024-11-18T09:07:09.562Z",
        "dateReserved": "2024-07-31T12:51:37.204Z",
        "dateUpdated": "2024-11-18T13:35:30.655Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42391 (GCVE-0-2024-42391)

    Vulnerability from nvd – Published: 2024-11-18 09:07 – Updated: 2024-11-18 13:35
    VLAI
    Title
    Use of Out-of-range Pointer Offset in Mongoose Web Server library
    Summary
    Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-823 - Use of Out-of-range Pointer Offset
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Web Server Affected: 0 , ≤ 7.14 (semver)
    Create a notification for this product.
    Credits
    Gabriele Quagliarella
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42391",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T13:35:32.284035Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T13:35:49.668Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/cesanta/mongoose",
              "defaultStatus": "unaffected",
              "product": "Mongoose Web Server",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThanOrEqual": "7.14",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gabriele Quagliarella"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space."
                }
              ],
              "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-823",
                  "description": "CWE-823 Use of Out-of-range Pointer Offset",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T09:07:03.674Z",
            "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
            "shortName": "Nozomi"
          },
          "references": [
            {
              "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42391"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "It is suggested to update the Mongoose Web Server library to v7.15."
                }
              ],
              "value": "It is suggested to update the Mongoose Web Server library to v7.15."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Use of Out-of-range Pointer Offset in Mongoose Web Server library",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIt is highly recommended to not expose the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "It is highly recommended to not expose the vulnerable component inside an untrusted network."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "assignerShortName": "Nozomi",
        "cveId": "CVE-2024-42391",
        "datePublished": "2024-11-18T09:07:03.674Z",
        "dateReserved": "2024-07-31T12:51:37.204Z",
        "dateUpdated": "2024-11-18T13:35:49.668Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-11404 (GCVE-0-2026-11404)

    Vulnerability from cvelistv5 – Published: 2026-07-09 15:13 – Updated: 2026-07-10 15:40
    VLAI
    Title
    Cesanta Mongoose before 7.22 Out-of-Bounds Read in MG_TLS_BUILTIN ClientHello Session ID Parsing
    Summary
    Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated attacker can send a single crafted ClientHello with an oversized session id length to read past the receive buffer, crashing any HTTPS, MQTTS, or WSS service built on MG_TLS_BUILTIN.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 0 , < 7.22 (custom)
    Create a notification for this product.
    Date Public
    2026-07-09 00:00
    Credits
    Shukhratbek Uraiimov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11404",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T16:09:47.106576Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T16:09:53.129Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThan": "7.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.22",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Shukhratbek Uraiimov"
            }
          ],
          "datePublic": "2026-07-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated attacker can send a single crafted ClientHello with an oversized session id length to read past the receive buffer, crashing any HTTPS, MQTTS, or WSS service built on MG_TLS_BUILTIN."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-10T15:40:04.432Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "Mongoose 7.22 Release Notes",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.22"
            },
            {
              "name": "Product",
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose"
            },
            {
              "name": "Patch Commit",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/c288ac1f38424ffdd4d2fd5e1893fd4962642db3"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/cesanta-mongoose-out-of-bounds-read-in-mg-tls-builtin-clienthello-session-id-parsing"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Cesanta Mongoose before 7.22 Out-of-Bounds Read in MG_TLS_BUILTIN ClientHello Session ID Parsing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-11404",
        "datePublished": "2026-07-09T15:13:40.148Z",
        "dateReserved": "2026-06-05T17:46:47.767Z",
        "dateUpdated": "2026-07-10T15:40:04.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6986 (GCVE-0-2026-6986)

    Vulnerability from cvelistv5 – Published: 2026-04-25 16:30 – Updated: 2026-04-27 13:36 X_Open Source
    VLAI
    Title
    Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification
    Summary
    A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.21 is capable of addressing this issue. It is advisable to upgrade the affected component. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6986",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T13:33:26.520467Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T13:36:06.578Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "GCM Authentication Tag Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.21 is capable of addressing this issue. It is advisable to upgrade the affected component. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T16:30:13.067Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359529 | Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/359529"
            },
            {
              "name": "VDB-359529 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359529/cti"
            },
            {
              "name": "Submit #796231 | Cesanta Mongoose 7.20 Improper Verification of Cryptographic Signature",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/796231"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/AESGCM.md"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T21:18:01.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6986",
        "datePublished": "2026-04-25T16:30:13.067Z",
        "dateReserved": "2026-04-24T19:12:51.609Z",
        "dateUpdated": "2026-04-27T13:36:06.578Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6985 (GCVE-0-2026-6985)

    Vulnerability from cvelistv5 – Published: 2026-04-25 16:15 – Updated: 2026-04-27 12:35 X_Open Source
    VLAI
    Title
    Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop
    Summary
    A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the component TCP Option Handler. This manipulation of the argument optlen causes infinite loop. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 7.21 is able to resolve this issue. Upgrading the affected component is advised. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6985",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T12:35:19.133011Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T12:35:36.821Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "TCP Option Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the component TCP Option Handler. This manipulation of the argument optlen causes infinite loop. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 7.21 is able to resolve this issue. Upgrading the affected component is advised. VulDB has contacted the vendor early and they confirmed quickly, that this issue got fixed already."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "Infinite Loop",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T16:15:13.639Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359528 | Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/359528"
            },
            {
              "name": "VDB-359528 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359528/cti"
            },
            {
              "name": "Submit #796230 | Cesanta Mongoose 7.20 Denial of Service",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/796230"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/TCP_opt_dos.md"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T21:17:57.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6985",
        "datePublished": "2026-04-25T16:15:13.639Z",
        "dateReserved": "2026-04-24T19:12:47.755Z",
        "dateUpdated": "2026-04-27T12:35:36.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5246 (GCVE-0-2026-5246)

    Vulnerability from cvelistv5 – Published: 2026-04-02 09:45 – Updated: 2026-04-02 13:07 X_Open Source
    VLAI
    Title
    Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization
    Summary
    A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. Upgrading to version 7.21 is able to address this issue. This patch is called 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    the_evilsocket (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5246",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T13:06:36.226342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T13:07:02.788Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "P-384 Public Key Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "the_evilsocket (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. Upgrading to version 7.21 is able to address this issue. This patch is called 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.1,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T09:45:11.602Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354827 | Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/354827"
            },
            {
              "name": "VDB-354827 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354827/cti"
            },
            {
              "name": "Submit #770104 | Cesanta Mongoose 7.20 Authorization Bypass",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/770104"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-02T09:48:27.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5246",
        "datePublished": "2026-04-02T09:45:11.602Z",
        "dateReserved": "2026-03-31T14:45:56.419Z",
        "dateUpdated": "2026-04-02T13:07:02.788Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5245 (GCVE-0-2026-5245)

    Vulnerability from cvelistv5 – Published: 2026-04-02 09:00 – Updated: 2026-04-02 14:27 X_Open Source
    VLAI
    Title
    Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow
    Summary
    A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been made public and could be used. Upgrading to version 7.21 will fix this issue. The patch is named 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    the_evilsocket (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5245",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T14:27:05.438550Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T14:27:27.092Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "mDNS Record Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "the_evilsocket (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been made public and could be used. Upgrading to version 7.21 will fix this issue. The patch is named 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.1,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T09:00:19.688Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354826 | Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/354826"
            },
            {
              "name": "VDB-354826 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354826/cti"
            },
            {
              "name": "Submit #770103 | Cesanta Mongoose 7.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/770103"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-02T09:48:24.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5245",
        "datePublished": "2026-04-02T09:00:19.688Z",
        "dateReserved": "2026-03-31T14:45:52.658Z",
        "dateUpdated": "2026-04-02T14:27:27.092Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5244 (GCVE-0-2026-5244)

    Vulnerability from cvelistv5 – Published: 2026-04-02 08:00 – Updated: 2026-04-02 13:31 X_Open Source
    VLAI
    Title
    Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow
    Summary
    A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.21 mitigates this issue. The name of the patch is 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
    Unaffected: 7.21
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    the_evilsocket (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5244",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T13:22:55.955451Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T13:31:54.915Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "TLS 1.3 Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                },
                {
                  "status": "unaffected",
                  "version": "7.21"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "the_evilsocket (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.21 mitigates this issue. The name of the patch is 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T08:00:19.770Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354825 | Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/354825"
            },
            {
              "name": "VDB-354825 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354825/cti"
            },
            {
              "name": "Submit #770063 | Cesanta Mongoose 7.20 Heap-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/770063"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/commit/0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/cesanta/mongoose/releases/tag/7.21"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://github.com/cesanta/mongoose/"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-02T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-02T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-02T09:48:19.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5244",
        "datePublished": "2026-04-02T08:00:19.770Z",
        "dateReserved": "2026-03-31T14:45:47.381Z",
        "dateUpdated": "2026-04-02T13:31:54.915Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2018-25193 (GCVE-0-2018-25193)

    Vulnerability from cvelistv5 – Published: 2026-03-06 12:19 – Updated: 2026-03-09 18:05
    VLAI
    Title
    Mongoose Web Server 6.9 Denial of Service via Socket Connection
    Summary
    Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service unavailability.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1188 - Initialization of a Resource with an Insecure Default
    Assigner
    References
    Impacted products
    Date Public
    2018-11-11 12:00
    Credits
    Ihsan Sencan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25193",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-09T18:04:00.714085Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-09T18:05:12.812Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Mongoose Web Server",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.9"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ihsan Sencan"
            }
          ],
          "datePublic": "2018-11-11T12:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service unavailability."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1188",
                  "description": "Initialization of a Resource with an Insecure Default",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-06T12:19:18.181Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-45819",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/45819"
            },
            {
              "name": "VulnCheck Advisory: Mongoose Web Server 6.9 Denial of Service via Socket Connection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/mongoose-web-server-denial-of-service-via-socket-connection"
            }
          ],
          "title": "Mongoose Web Server 6.9 Denial of Service via Socket Connection",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2018-25193",
        "datePublished": "2026-03-06T12:19:18.181Z",
        "dateReserved": "2026-03-06T11:59:56.248Z",
        "dateUpdated": "2026-03-09T18:05:12.812Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2968 (GCVE-0-2026-2968)

    Vulnerability from cvelistv5 – Published: 2026-02-23 03:02 – Updated: 2026-02-23 17:26 X_Open Source
    VLAI
    Title
    Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification
    Summary
    A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is said to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2968",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-23T17:26:42.762866Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-23T17:26:53.648Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Poly1305 Authentication Tag Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is said to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-23T03:02:07.673Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-347335 | Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.347335"
            },
            {
              "name": "VDB-347335 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.347335"
            },
            {
              "name": "Submit #757091 | Cesanta Mongoose Embedded Web Server 7.20 Improper Verification of Cryptographic Signature",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.757091"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/ChaCha20Poly1305.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/ChaCha20Poly1305.md#poc"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-22T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-02-22T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-02-22T09:02:39.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-2968",
        "datePublished": "2026-02-23T03:02:07.673Z",
        "dateReserved": "2026-02-22T07:57:31.932Z",
        "dateUpdated": "2026-02-23T17:26:53.648Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2967 (GCVE-0-2026-2967)

    Vulnerability from cvelistv5 – Published: 2026-02-23 02:32 – Updated: 2026-02-23 13:32 X_Open Source
    VLAI
    Title
    Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source
    Summary
    A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-940 - Improper Verification of Source of a Communication Channel
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2967",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-23T13:32:47.660229Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-23T13:32:57.830Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "TCP Sequence Number Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack\u0027s complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-940",
                  "description": "Improper Verification of Source of a Communication Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-23T02:32:07.568Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-347334 | Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.347334"
            },
            {
              "name": "VDB-347334 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.347334"
            },
            {
              "name": "Submit #755450 | Cesanta Mongoose Embedded Web Server 7.20 Improper Validation of Specified Index, Position, or Offset in I",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.755450"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/tcp_rst.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/tcp_rst.md#poc"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-22T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-02-22T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-02-22T09:02:38.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-2967",
        "datePublished": "2026-02-23T02:32:07.568Z",
        "dateReserved": "2026-02-22T07:57:28.584Z",
        "dateUpdated": "2026-02-23T13:32:57.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2966 (GCVE-0-2026-2966)

    Vulnerability from cvelistv5 – Published: 2026-02-23 02:02 – Updated: 2026-02-23 13:36 X_Open Source
    VLAI
    Title
    Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values
    Summary
    A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched remotely. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-330 - Insufficiently Random Values
    • CWE-310 - Cryptographic Issues
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cesanta Mongoose Affected: 7.0
    Affected: 7.1
    Affected: 7.2
    Affected: 7.3
    Affected: 7.4
    Affected: 7.5
    Affected: 7.6
    Affected: 7.7
    Affected: 7.8
    Affected: 7.9
    Affected: 7.10
    Affected: 7.11
    Affected: 7.12
    Affected: 7.13
    Affected: 7.14
    Affected: 7.15
    Affected: 7.16
    Affected: 7.17
    Affected: 7.18
    Affected: 7.19
    Affected: 7.20
        cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    dwbruijn (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2966",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-23T13:36:36.825692Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-23T13:36:51.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "DNS Transaction ID Handler"
              ],
              "product": "Mongoose",
              "vendor": "Cesanta",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "7.1"
                },
                {
                  "status": "affected",
                  "version": "7.2"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.7"
                },
                {
                  "status": "affected",
                  "version": "7.8"
                },
                {
                  "status": "affected",
                  "version": "7.9"
                },
                {
                  "status": "affected",
                  "version": "7.10"
                },
                {
                  "status": "affected",
                  "version": "7.11"
                },
                {
                  "status": "affected",
                  "version": "7.12"
                },
                {
                  "status": "affected",
                  "version": "7.13"
                },
                {
                  "status": "affected",
                  "version": "7.14"
                },
                {
                  "status": "affected",
                  "version": "7.15"
                },
                {
                  "status": "affected",
                  "version": "7.16"
                },
                {
                  "status": "affected",
                  "version": "7.17"
                },
                {
                  "status": "affected",
                  "version": "7.18"
                },
                {
                  "status": "affected",
                  "version": "7.19"
                },
                {
                  "status": "affected",
                  "version": "7.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "dwbruijn (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched remotely. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.6,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-330",
                  "description": "Insufficiently Random Values",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-310",
                  "description": "Cryptographic Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-23T02:02:08.202Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-347333 | Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.347333"
            },
            {
              "name": "VDB-347333 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.347333"
            },
            {
              "name": "Submit #755304 | Cesanta Mongoose Embedded Web Server 7.20 Insufficiently Random Values",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.755304"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/mg_sendnsreq.md"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/dwBruijn/CVEs/blob/main/Mongoose/mg_sendnsreq.md#poc"
            }
          ],
          "tags": [
            "x_open-source"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-22T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-02-22T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-02-22T09:02:36.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-2966",
        "datePublished": "2026-02-23T02:02:08.202Z",
        "dateReserved": "2026-02-22T07:57:24.272Z",
        "dateUpdated": "2026-02-23T13:36:51.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65502 (GCVE-0-2025-65502)

    Vulnerability from cvelistv5 – Published: 2025-11-24 00:00 – Updated: 2025-11-24 18:29
    VLAI
    Summary
    Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where SSL_CTX_get_cert_store() returns NULL.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 4.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65502",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-24T18:28:47.531864Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-476",
                    "description": "CWE-476 NULL Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-24T18:29:36.744Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where SSL_CTX_get_cert_store() returns NULL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-24T13:59:02.214Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/cesanta/mongoose/issues/3306"
            },
            {
              "url": "https://github.com/cesanta/mongoose/pull/3307"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-65502",
        "datePublished": "2025-11-24T00:00:00.000Z",
        "dateReserved": "2025-11-18T00:00:00.000Z",
        "dateUpdated": "2025-11-24T18:29:36.744Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-51495 (GCVE-0-2025-51495)

    Vulnerability from cvelistv5 – Published: 2025-09-29 00:00 – Updated: 2025-10-01 15:21
    VLAI
    Summary
    An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-51495",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-29T19:55:19.399329Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-190",
                    "description": "CWE-190 Integer Overflow or Wraparound",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-30T17:26:32.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-01T15:21:21.511Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/cesanta/mongoose"
            },
            {
              "url": "https://github.com/cesanta/mongoose/pull/3131"
            },
            {
              "url": "https://github.com/cainiao159357/CVE-2025-51495"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-51495",
        "datePublished": "2025-09-29T00:00:00.000Z",
        "dateReserved": "2025-06-16T00:00:00.000Z",
        "dateUpdated": "2025-10-01T15:21:21.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-0696 (GCVE-0-2025-0696)

    Vulnerability from cvelistv5 – Published: 2025-01-27 11:12 – Updated: 2025-02-12 20:01
    VLAI
    Summary
    A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Frozen Affected: 0 , < 1.7 (semver)
    Create a notification for this product.
    Credits
    Diego Zaffaroni of Nozomi Networks found this bug during a security research activity.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0696",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T13:26:21.194656Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:01:13.272Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/cesanta/frozen/",
              "defaultStatus": "unaffected",
              "product": "Frozen",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThan": "1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Diego Zaffaroni of Nozomi Networks found this bug during a security research activity."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A NULL Pointer Dereference\u0026nbsp;vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
                }
              ],
              "value": "A NULL Pointer Dereference\u00a0vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-27T11:12:00.703Z",
            "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
            "shortName": "Nozomi"
          },
          "references": [
            {
              "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0696"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "assignerShortName": "Nozomi",
        "cveId": "CVE-2025-0696",
        "datePublished": "2025-01-27T11:12:00.703Z",
        "dateReserved": "2025-01-24T09:14:05.384Z",
        "dateUpdated": "2025-02-12T20:01:13.272Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-0695 (GCVE-0-2025-0695)

    Vulnerability from cvelistv5 – Published: 2025-01-27 11:11 – Updated: 2025-02-12 20:01
    VLAI
    Summary
    An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Cesanta Frozen Affected: 0 , < 1.7 (semver)
    Create a notification for this product.
    Credits
    Diego Zaffaroni of Nozomi Networks found this bug during a security research activity.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0695",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T13:26:36.273103Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:01:13.392Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://github.com/cesanta/frozen/",
              "defaultStatus": "unaffected",
              "product": "Frozen",
              "vendor": "Cesanta",
              "versions": [
                {
                  "lessThan": "1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Diego Zaffaroni of Nozomi Networks found this bug during a security research activity."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Allocation of Resources Without Limits or\u0026nbsp;Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
                }
              ],
              "value": "An Allocation of Resources Without Limits or\u00a0Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-27T11:11:50.239Z",
            "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
            "shortName": "Nozomi"
          },
          "references": [
            {
              "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0695"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "assignerShortName": "Nozomi",
        "cveId": "CVE-2025-0695",
        "datePublished": "2025-01-27T11:11:50.239Z",
        "dateReserved": "2025-01-24T09:14:04.340Z",
        "dateUpdated": "2025-02-12T20:01:13.392Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }