CVE-2026-33223 | nats-io nats-server up to 2.11.14/2.12.5 Nats-Request-Info Header authentication spoofing

Inserito da Angelo Barbosa | Mar 25, 2026 | CVE

A vulnerability was found in nats-io nats-server up to 2.11.14/2.12.5. It has been rated as critical. Affected is an unknown function of the component Nats-Request-Info Header Handler. Performing a manipulation results in authentication bypass by spoofing.

This vulnerability is cataloged as CVE-2026-33223. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-33223 | nats-io nats-server up to 2.11.14/2.12.5 Nats-Request-Info Header authentication spoofing

Post correlati

CVE-2025-53603 | Alinto SOPE SOGo up to 5.12.2 Query String NGHashMap.m null pointer dereference

CVE-2024-31278 | Leap13 Premium Addons for Elementor Plugin up to 4.10.22 on WordPress information disclosure

CVE-2024-33693 | Meks Smart Social Widget Plugin up to 1.6.4 on WordPress cross site scripting

CVE-2025-56074 | PHPGurukul Park Ticketing Management System 2.0 POST Request foreigner-bwdates-reports-details.php fromdate/todate sql injection