CVE-2026-33248 | nats-io nats-server up to 2.11.14/2.12.5 mTLS verify_and_map certificate validation

A vulnerability marked as critical has been reported in nats-io nats-server up to 2.11.14/2.12.5. This vulnerability affects the function verify_and_map of the component mTLS. This manipulation causes improper certificate validation.

This vulnerability appears as CVE-2026-33248. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.