Listen to this Post
How CVE-2026-58213 Works
NATS Server is a high‑performance messaging system for cloud and edge environments. It includes an MQTT gateway that allows MQTT clients to publish and subscribe to subjects. The vulnerability resides in the way the server processes MQTT `SUBSCRIBE` packets.
When an MQTT client sends a subscription filter (e.g., sensors/+/temperature), the server internally forwards this filter as part of the NATS protocol stream to route, gateway, or leaf‑node connections for cluster‑wide distribution. Prior to versions 2.14.1 and 2.12.9, the server did not sanitise these filters for protocol control characters – characters that have special meaning in the NATS wire protocol (such as \r, \n, , etc.).
An attacker with MQTT client access can craft a subscription filter that includes these control characters. When the server forwards the filter to other cluster nodes, the embedded control characters are interpreted as NATS protocol delimiters or commands, effectively corrupting the protocol stream. This allows the attacker to inject arbitrary NATS protocol operations – for example, they could publish messages to subjects they should not have access to, subscribe to unauthorised subjects, or even manipulate cluster state.
The attack requires MQTT to be enabled on the NATS server, and the server must have route, gateway, or leaf‑node connections that forward the corrupted stream. Anonymous MQTT deployments are at higher risk because no authentication is required to send the malicious `SUBSCRIBE` packet. However, even authenticated MQTT clients can trigger the injection if they have permission to subscribe.
The injection is possible because the NATS protocol is line‑based and uses control characters as separators. By inserting `\r\n` or other delimiters, an attacker can terminate the current protocol message early and start a new one of their choosing. The downstream node will parse the injected commands as if they came from the server itself, bypassing normal access controls.
This flaw is classified as CWE‑74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component). It has a CVSS base score of 7.1 (High) per Snyk, and is rated Critical by VulDB due to the ease of exploitation and lack of authentication requirements. The issue was disclosed on 9 July 2026, and fixed in the same day with the release of versions 2.12.9 and 2.14.1.
DailyCVE Form:
Platform: NATS Server
Version: <2.12.9,<2.14.1
Vulnerability: Protocol Injection
Severity: Critical
date: 2026-07-08
Prediction: Already Patched (Upgrade)
What Undercode Say: Analytics
Check current NATS Server version nats-server -version Verify if MQTT is enabled (look for "mqtt" in config) grep -i mqtt /etc/nats-server.conf List active route/leafnode connections nats server report connections --json | jq '.routes, .leafnodes' Simulate a malicious MQTT SUBSCRIBE with control characters (using mosquitto_pub) This is a PoC – DO NOT RUN on production mosquitto_sub -h localhost -p 1883 -t "sensors/+/temperature\r\nPUB foo 5\r\nhello" -d Monitor NATS protocol stream for anomalies (requires debug logging) nats-server -D -V 2>&1 | grep -E "PROTOCOL|INJECT"
Exploit
An attacker can exploit this vulnerability by:
- Connecting to the MQTT port (default 1883) of a vulnerable NATS server.
- Sending a `SUBSCRIBE` packet with a filter that contains NATS control characters, e.g.:
SUBSCRIBE "sensors/+/temperature\r\nPUB bar 3\r\npwned"
- The server forwards this filter to route/leafnode peers. The `\r\n` sequences terminate the `SUBSCRIBE` command and inject a new `PUB` command, causing the peer to publish the message `pwned` to subject
bar.
Because the injection occurs at the protocol level, no additional authentication is required for the injected operation – it is executed with the server’s own privileges. This can lead to unauthorised message publication, subscription to sensitive subjects, or disruption of cluster coordination.
Protection
- Upgrade to NATS Server version 2.12.9 or 2.14.1 (or later). These releases sanitise MQTT subscription filters before forwarding.
- Disable anonymous MQTT access if not strictly required. This reduces the attack surface, though authenticated clients can still exploit the flaw.
- Restrict MQTT client permissions to the minimum necessary subjects.
- Isolate MQTT gateways from route/leafnode connections where possible, or use separate clusters for untrusted MQTT traffic.
- Monitor logs for unusual subscription patterns or unexpected protocol messages.
Impact
- Confidentiality: An attacker can publish or subscribe to arbitrary subjects, potentially exposing sensitive messages.
- Integrity: Injected commands can alter cluster state or inject false data.
- Availability: While not directly a DoS, corrupting the protocol stream can disrupt cluster communication and lead to service instability.
- Scope: The vulnerability affects all NATS Server deployments with MQTT enabled and route/gateway/leafnode connections. Anonymous deployments are especially at risk.
- CVSS: 7.1 (High) – Network exploitable, low complexity, no user interaction, low privileges required.
🎯Let’s Practice Exploiting & Learn Patching For Free:
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

