CVE-2025-51495

High CVSS: 7.5

An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.

Vendor

Cesanta

Product

Mongoose

CWE

CWE-190

Yayın Tarihi

2025-09-29 17:15:31

Güncelleme

2025-10-16 17:00:47

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-190 Mongoose HIGH Cesanta 2025

Referanslar

https://github.com/cainiao159357/CVE-2025-51495 https://github.com/cesanta/mongoose https://github.com/cesanta/mongoose/pull/3131

Benzer Kayıtlar

Medium

CVE-2026-2967

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file…

Medium

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of t…

Medium

CVE-2026-2966

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the…

Medium

CVE-2025-65502

Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of s…