CVE-2024-42655 – NanoMQ MQTT Wildcard Access Control Bypass

July 29, 2025

CVE ID : CVE-2024-42655

Published : July 29, 2025, 7:15 p.m. | 4 hours, 11 minutes ago

Description : An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-52894 – IBM Db2 Denial of Service

Next Article CVE-2024-51473 – IBM Db2 Denial of Service Vulnerability

Highlights

CVE-2025-4110 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

April 30, 2025

CVE ID : CVE-2025-4110

Published : April 30, 2025, 11:15 a.m. | 1 hour, 39 minutes ago

Description : A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-teacher.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

Understanding the code modernization conundrum

Not just YouTube: Google is using AI to guess your age based on your activity – everywhere

Malicious extensions can use ChatGPT to steal your personal data – here’s how

What Zuckerberg’s ‘personal superintelligence’ sales pitch leaves out

This handy NordVPN tool flags scam calls on Android – even before you answer

Route Optimization through Laravel’s Shallow Resource Architecture

Route Optimization through Laravel’s Shallow Resource Architecture

This Week in Laravel: Laracon News, Free Laravel Idea, and Claude Code Course

Everything We Know About Pest 4

FOSS Weekly #25.31: Kernel 6.16, OpenMandriva Review, Conky Customization, System Monitoring and More

FOSS Weekly #25.31: Kernel 6.16, OpenMandriva Review, Conky Customization, System Monitoring and More

Windows 11’s MSN Widgets board now opens in default browser, such as Chrome (EU only)

Microsoft’s new “move to Windows 11” campaign implies buying OneDrive paid plan

CVE-2024-42655 – NanoMQ MQTT Wildcard Access Control Bypass

The hidden risks of browser extensions – and how to stay safe

Minnesota National Guard Deployed After Major Cyberattack on St. Paul City Systems

Laracon US tickets are on sale

We’re expanding our Gemini 2.5 family of models

The AI-Powered DevOps revolution: Redefining developer collaboration

DTO: Value Objects and Data (Transfer) Objects in Laravel

CVE-2025-4110 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

CVE-2025-4414 – CMSMasters Content Composer Remote File Inclusion Vulnerability

CVE-2025-20307 – Cisco BroadWorks Application Delivery Platform Cross-Site Scripting (XSS) Vulnerability

CVE-2024-42655 – NanoMQ MQTT Wildcard Access Control Bypass

Related Posts