CVE Catalog

CVE-2026-49198

MediumCVSS 4.9
Published: Updated: Translated: NVD NIST

Summary

Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic to unauthorized actors.

Risk Assessment

The organization may be exposed to unauthorized access to sensitive data transmitted via MQTT, potentially leading to data leaks or manipulation.

Recommendation

It is recommended to implement appropriate access control mechanisms and restrict wildcard topic subscriptions in the MQTT broker.

Original NVD description (English source)

Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic to unauthorized actors.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS