CVE-2026-29785
Severity: HIGH · CVSS v3.1: 7.5 · EPSS: 0.0049 (38.5th percentile)
At a glance
- Severity: HIGH
- CVSS: 7.5 (v3.1) · Source: NVD
- EPSS: 0.0049 (38.5th percentile) · Source: FIRST.org
- CISA KEV: No
- Type: NULL Pointer Dereference · NVD CWE
- Attack conditions (CVSS vector): Network · No privileges · No user interaction · Source: NVD vector
- Affected vendors: linuxfoundation
- Published: 2026-03-25 · Modified: 2026-06-30
- References: 8
CVSS / EPSS / KEV
Sources: CVSS from NVD; EPSS from FIRST.org; KEV from CISA.
Description
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not default), then anyone who can connect can crash the nats-server by triggering a panic. This happens pre-authentication and requires that compression be enabled (which it is, by default, when leafnodes are used). Versions 2.11.14 and 2.12.5 contain a fix. As a workaround, disable compression on the leafnode port.
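As an added triage helper (not part of the NVD record or the nats-server project), the following Python encodes the three exposure conditions in the description above: a version below the fixed release for its branch, the leafnode listener enabled, and leafnode compression not switched off. The input dict and its field names are this example's own construction; the nats-server setting they stand for is assumed to be the `compression` mode in the `leafnodes` block, with `off` disabling it.

```python
"""Exposure triage for CVE-2026-29785 (nats-server leafnode compression panic).
Added example, not nats-io code. A server is exposed only when its version
lacks the fix for its branch (2.11.14 / 2.12.5), leafnodes are enabled, and
leafnode compression has not been turned off (the advisory's workaround)."""
from typing import Tuple

# Fixed releases named in the advisory, keyed by (major, minor) branch.
FIXED = {(2, 11): (2, 11, 14), (2, 12): (2, 12, 5)}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Normalise 'v2.11.13', '2.12.4-rc.1' or '2.12' to (major, minor, patch)."""
    core = text.strip().lstrip("v").split("-")[0].split("+")[0]
    parts = [int(p) for p in core.split(".")]
    parts += [0] * (3 - len(parts))
    return tuple(parts[:3])


def version_is_fixed(text: str) -> bool:
    """True when the version carries the fix for its branch."""
    ver = parse_version(text)
    branch = ver[:2]
    if branch < (2, 11):
        return False  # older 2.x lines predate both fixed releases
    if branch in FIXED:
        return ver >= FIXED[branch]
    return True  # assumption: 2.13+ inherits the fix


def assess(server: dict) -> str:
    """Classify one server. Keys (constructed for this example): version,
    leafnodes_enabled (bool), leafnode_compression (mode string, 'off' = disabled)."""
    if version_is_fixed(server["version"]):
        return "not affected: fixed version"
    if not server.get("leafnodes_enabled", False):
        return "not exposed: leafnodes disabled"
    # Assumption: compression is on unless the mode is explicitly "off".
    if str(server.get("leafnode_compression", "accept")).lower() == "off":
        return "mitigated: leafnode compression off (workaround applied)"
    return "EXPOSED: pre-auth crash possible; upgrade or set leafnode compression off"


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    fleet = {
        "edge-a": {"version": "2.11.13", "leafnodes_enabled": True, "leafnode_compression": "accept"},
        "edge-b": {"version": "2.12.4", "leafnodes_enabled": True, "leafnode_compression": "off"},
        "core-1": {"version": "2.12.5", "leafnodes_enabled": True, "leafnode_compression": "s2_auto"},
    }
    for name, cfg in fleet.items():
        print(f"{name}: {assess(cfg)}")
```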
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.
- Vendor advisory https://advisories.nats.io/CVE/secnote-2026-04.txt
- Patch https://github.com/nats-io/nats-server/commit/a1488de6f2ba6e666aef0f9cce0016f7f167d6a8
- Vendor advisory https://github.com/nats-io/nats-server/security/advisories/GHSA-52jh-2xxh-pwh6
- Distro https://access.redhat.com/errata/RHSA-2026:21769
- Distro https://access.redhat.com/errata/RHSA-2026:22347
- Distro https://access.redhat.com/errata/RHSA-2026:23345
- Distro https://access.redhat.com/security/cve/CVE-2026-29785
- Distro https://bugzilla.redhat.com/show_bug.cgi?id=2451444