Mongoose — Vulnerabilities & Security Advisories 18

All 18 CVE vulnerabilities found in Mongoose, with AI-generated Chinese analysis, references, and POCs.

Vendor: Cesanta

CVE ID	Title	CVSS	Severity	Published
CVE-2026-6986	Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification CWE-347	3.7	Low	2026-04-25
CVE-2026-6985	Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop CWE-835	5.3	Medium	2026-04-25
CVE-2026-5246	Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization CWE-639	5.6	Medium	2026-04-02
CVE-2026-5245	Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow CWE-121	5.6	Medium	2026-04-02
CVE-2026-5244	Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow CWE-122	7.3	High	2026-04-02
CVE-2026-2968	Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification CWE-347	3.7	Low	2026-02-23
CVE-2026-2967	Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source CWE-940	3.7	Low	2026-02-23
CVE-2026-2966	Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values CWE-330	3.7	Low	2026-02-23
CVE-2025-23061	Mongoose 代码注入漏洞 CWE-94	9.0	Critical	2025-01-15
CVE-2023-2905	Cesanta Mongoose MQTT Message Parsing Heap Overflow CWE-122	9.8	-	2023-08-09
CVE-2017-2891	Cesanta Mongoose 安全漏洞	9.8	-	2017-11-07
CVE-2017-2922	Cesanta Mongoose 安全漏洞	9.8	-	2017-11-07
CVE-2017-2921	Cesanta Mongoose 数字错误漏洞	9.8	-	2017-11-07
CVE-2017-2909	Cesanta Mongoose 安全漏洞	7.5	-	2017-11-07
CVE-2017-2895	Cesanta Mongoose 数字错误漏洞	9.1	-	2017-11-07
CVE-2017-2894	Cesanta Mongoose 缓冲区错误漏洞	9.8	-	2017-11-07
CVE-2017-2893	Cesanta Mongoose 安全漏洞	7.5	-	2017-11-07
CVE-2017-2892	Cesanta Mongoose 数字错误漏洞	9.8	-	2017-11-07

All 18 known CVE vulnerabilities affecting Mongoose with full Chinese analysis, references, and POCs where available.