CVE-2026-25768

Sažetak

LavinMQ is a high-performance message queue & streaming server. Before 2.6.6, an authenticated user could access metadata in the broker they should not have access to. This vulnerability is fixed in 2.6.6.

Reference

https://github.com/cloudamqp/lavinmq/commit/e871f8d0a53685f04e39e6410a2421c1f82803b0
https://github.com/cloudamqp/lavinmq/pull/1669
https://github.com/cloudamqp/lavinmq/security/advisories/GHSA-r2mh-8vq6-qf7m

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

13-02-2026 - 14:23

Objavljeno

12-02-2026 - 20:16