CRITICAL9.8CVE-2026-5244A vulnerability has been found in Cesanta Mongoose up to 7.20. from 0
CRITICAL9.8CVE-2020-25756A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. from 0
CRITICAL9.8An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possi…
from 0
CRITICAL9.8An issue was discovered in Mongoose before 6.15.
from 0
CRITICAL9.1The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compiled with OpenSSL support) is vulnerable to remote OOB write attack via…
from 0
CRITICAL9.1The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 (compiled with mbedTLS support) is vulnerable to remote OOB writ…
from 0
CRITICAL9.1The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after e…
from 0
HIGH8.8Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file.
from 0
HIGH8.8Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an…
from 0
HIGH8.1A vulnerability was determined in Cesanta Mongoose up to 7.20.
from 0
HIGH8.1A vulnerability was found in Cesanta Mongoose up to 7.20.
from 0
HIGH7.5A weakness has been identified in Cesanta Mongoose up to 7.20.
from 0
HIGH7.5An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17.
from 0
HIGH7.5The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers.
from 0
HIGH7.5mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read.
from 0
MEDIUM4.3Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS init…
from 0
LOW3.7A security vulnerability has been detected in Cesanta Mongoose up to 7.20.
from 0
LOW3.7A vulnerability was detected in Cesanta Mongoose up to 7.20.
from 0
LOW3.7A security vulnerability has been detected in Cesanta Mongoose up to 7.20.
from 0
LOW3.7A weakness has been identified in Cesanta Mongoose up to 7.20.
from 0
—SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that allows local unprivileged attackers to esca…
from 0
—SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated att…
from 0