
Authentication mechanism absence or evasion in github.com/nats-io/nats-server/v2

Description

NATS: Message tracing can be redirected to arbitrary subject

Impact

An authenticated client that sets message tracing headers can direct the resulting trace messages to an arbitrary valid subject, including subjects on which the client has no publish permission. The payload is a server-generated trace message, not attacker-chosen content; the security problem is that the trace destination is not checked against the client's publish permissions, so tracing can be used to deliver messages to subjects the client could not publish to directly.

Patches

Fixed in nats-server 2.12.6 and 2.11.15.

Workarounds

No safe workaround is known; upgrade to a patched release.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem: Go
Package: github.com/nats-io/nats-server/v2
Affected versions: releases in the 2.11 and 2.12 series before the patched versions below
Patched versions: 2.11.15, 2.12.6