{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-33219","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-03-17T23:23:58.314Z","datePublished":"2026-03-25T19:55:28.363Z","dateUpdated":"2026-06-30T12:07:36.175Z"},"containers":{"cna":{"title":"NATS is vulnerable to pre-auth DoS through WebSockets client service","problemTypes":[{"descriptions":[{"cweId":"CWE-770","lang":"en","description":"CWE-770: Allocation of Resources Without Limits or Throttling","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.1"}}],"references":[{"name":"https://github.com/nats-io/nats-server/security/advisories/GHSA-8r68-gvr4-jh7j","tags":["x_refsource_CONFIRM"],"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-8r68-gvr4-jh7j"},{"name":"https://advisories.nats.io/CVE/secnote-2026-02.txt","tags":["x_refsource_MISC"],"url":"https://advisories.nats.io/CVE/secnote-2026-02.txt"},{"name":"https://advisories.nats.io/CVE/secnote-2026-11.txt","tags":["x_refsource_MISC"],"url":"https://advisories.nats.io/CVE/secnote-2026-11.txt"},{"name":"https://github.com/advisories/GHSA-qrvq-68c2-7grw","tags":["x_refsource_MISC"],"url":"https://github.com/advisories/GHSA-qrvq-68c2-7grw"}],"affected":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.11.15","status":"affected"},{"version":">= 2.12.0-RC.1, < 2.12.6","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-03-25T19:55:28.363Z"},"descriptions":[{"lang":"en","value":"NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a malicious client which can connect to the WebSockets port can cause unbounded memory use in the nats-server before authentication; this requires sending a corresponding amount of data. This is a milder variant of CVE-2026-27571. That earlier issue was a compression bomb, this vulnerability is not. Attacks against this new issue thus require significant client bandwidth. Versions 2.11.15 and 2.12.6 contain a fix. As a workaround, disable websockets if not required for project deployment."}],"source":{"advisory":"GHSA-8r68-gvr4-jh7j","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-25T20:10:18.603979Z","id":"CVE-2026-33219","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-25T20:10:35.721Z"}},{"affected":[{"cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"],"defaultStatus":"affected","product":"Multicluster Global Hub 1.4.5","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"],"defaultStatus":"affected","product":"Multicluster Global Hub 1.5.4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"],"defaultStatus":"affected","product":"Multicluster Global Hub 1.6.2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"unaffected","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"}],"datePublic":"2026-03-25T19:55:28.363Z","descriptions":[{"lang":"en","value":"A flaw was found in NATS-Server. A malicious client connecting to the WebSockets port can cause unbounded memory use before authentication by sending a large amount of data. This resource exhaustion vulnerability can lead to a Denial of Service (DoS) for the server, making it unavailable to legitimate users."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-770","description":"Allocation of Resources Without Limits or Throttling","lang":"en","type":"CWE"}]}],"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-33219"},{"name":"RHBZ#2451445","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451445"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33219.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:22347"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:21769"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:23345"}],"solutions":[{"lang":"en","value":"RHSA-2026:22347: Multicluster Global Hub 1.4.5"},{"lang":"en","value":"RHSA-2026:21769: Multicluster Global Hub 1.5.4"},{"lang":"en","value":"RHSA-2026:23345: Multicluster Global Hub 1.6.2"}],"timeline":[{"lang":"en","time":"2026-03-25T20:01:41.235Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-03-25T19:55:28.363Z","value":"Made public."}],"title":"github.com/nats-io/nats-server: NATS-Server: Denial of Service via unbounded memory use in WebSockets","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"},"providerMetadata":{"orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP","dateUpdated":"2026-06-30T12:07:36.175Z"}}]}}