Improper Neutralization of Special Elements in Output Used by a Downstream Component in nats-server - #VU135933
Published: June 30, 2026
nats-server
Detailed vulnerability description
The vulnerability allows a remote user to inject unintended NATS protocol operations.
The vulnerability exists due to improper neutralization of special elements in MQTT subscription filters forwarded by route and leafnode connections when processing MQTT SUBSCRIBE requests. A remote user can send a specially crafted MQTT subscription filter to inject unintended NATS protocol operations.
Exploitation can affect forwarded protocol streams across cluster nodes or accounts where route, gateway, or leafnode connections are present.
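An added example (not code from nats-server or from this advisory) of neutralizing at the output boundary: every field is checked at the point where the forwarded line is serialized. The advisory does not name the special elements involved, so the rejected byte set (control characters, space, DEL), the simplified filter-to-subject mapping, and the names `checkField`, `SubjectFromFilter`, `ForwardLine`, `OP` and `ACC` are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrUnsafeField marks a value that cannot be a single field of a protocol line.
var ErrUnsafeField = errors.New("unsafe protocol field")

// checkField rejects bytes that are structural in a line-oriented, whitespace-
// delimited text protocol. Assumed set: controls (CR, LF, TAB, NUL), space, DEL.
func checkField(s string) error {
	if s == "" {
		return fmt.Errorf("%w: empty", ErrUnsafeField)
	}
	for i := 0; i < len(s); i++ {
		if c := s[i]; c <= 0x20 || c == 0x7f {
			return fmt.Errorf("%w: byte 0x%02x at offset %d", ErrUnsafeField, c, i)
		}
	}
	return nil
}

// SubjectFromFilter is a hypothetical, simplified MQTT-filter-to-subject mapping
// ('/' -> '.', '+' -> '*', '#' -> '>'); the filter is validated before translation.
func SubjectFromFilter(filter string) (string, error) {
	if err := checkField(filter); err != nil {
		return "", err
	}
	return strings.NewReplacer("/", ".", "+", "*", "#", ">").Replace(filter), nil
}

// ForwardLine serializes one line for a downstream connection and re-checks each
// field, so a value that skipped input validation cannot add fields or lines.
func ForwardLine(op, account, subject string) (string, error) {
	for _, f := range []string{op, account, subject} {
		if err := checkField(f); err != nil {
			return "", err
		}
	}
	return op + " " + account + " " + subject + "\r\n", nil
}

func main() {
	subj, err := SubjectFromFilter("sensors/+/temp") // constructed sample filter
	line, _ := ForwardLine("OP", "ACC", subj)        // placeholder verb and account
	fmt.Printf("%q %v %q\n", subj, err, line)
}
```

Checking again inside `ForwardLine` matters because the subject may reach the serializer by a path that never passed through `SubjectFromFilter`.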