← Back

Emqx

emqx

Vendor: Emqx • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-8741
1Emqx
1Emqx
May 20, 2026
May 17, 2026
1.3 LOW· v4
3.1 LOW· v3
2.1 LOW· v2
A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race...Show more
A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is reported as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure.Show less
CVE-2023-37781
1Emqx
1Emqx
Nov 21, 2024
Jul 17, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file.
CVE-2021-46434
1Emqx
1Emqx
Nov 21, 2024
Mar 28, 2022
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attac...Show more
EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface. When a user login, the application returns different results depending on whether the account is correct, that allowed an attacker to determine if a given username was validShow less