Cesanta — Vulnerabilities & Security Advisories 30

Browse all 30 CVE security advisories affecting Cesanta. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Cesanta:Mongoose Mongoose Web Server Frozen

CVE ID	Title	CVSS	Severity	Published
CVE-2026-6986	Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_gcm_decrypt signature verification — MongooseCWE-347	3.7	Low	2026-04-25
CVE-2026-6985	Cesanta Mongoose TCP Option net_builtin.c handle_opt infinite loop — MongooseCWE-835	5.3	Medium	2026-04-25
CVE-2026-5246	Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization — MongooseCWE-639	5.6	Medium	2026-04-02
CVE-2026-5245	Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow — MongooseCWE-121	5.6	Medium	2026-04-02
CVE-2026-5244	Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-based overflow — MongooseCWE-122	7.3	High	2026-04-02
CVE-2018-25193	Mongoose Web Server 6.9 Denial of Service via Socket Connection — Mongoose Web ServerCWE-1188	7.5	High	2026-03-06
CVE-2026-2968	Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification — MongooseCWE-347	3.7	Low	2026-02-23
CVE-2026-2967	Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source — MongooseCWE-940	3.7	Low	2026-02-23
CVE-2026-2966	Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values — MongooseCWE-330	3.7	Low	2026-02-23
CVE-2025-0696	frozen 代码问题漏洞 — FrozenCWE-476	5.3	Medium	2025-01-27
CVE-2025-0695	frozen 安全漏洞 — FrozenCWE-770	5.3	Medium	2025-01-27
CVE-2024-42392	Improper Neutralization of Delimiters in Mongoose Web Server library — Mongoose Web ServerCWE-140	4.0	Medium	2024-11-18
CVE-2024-42391	Use of Out-of-range Pointer Offset in Mongoose Web Server library — Mongoose Web ServerCWE-823	4.3	Medium	2024-11-18
CVE-2024-42390	Use of Out-of-range Pointer Offset in Mongoose Web Server library — Mongoose Web ServerCWE-823	4.3	Medium	2024-11-18
CVE-2024-42389	Use of Out-of-range Pointer Offset in Mongoose Web Server library — Mongoose Web ServerCWE-823	5.3	Medium	2024-11-18
CVE-2024-42388	Use of Out-of-range Pointer Offset in Mongoose Web Server library — Mongoose Web ServerCWE-823	5.3	Medium	2024-11-18
CVE-2024-42387	Use of Out-of-range Pointer Offset in Mongoose Web Server library — Mongoose Web ServerCWE-823	5.3	Medium	2024-11-18
CVE-2024-42386	Use of Out-of-range Pointer Offset in Mongoose Web Server library — Mongoose Web ServerCWE-823	8.2	High	2024-11-18
CVE-2024-42385	Improper Neutralization of Delimiters in Mongoose Web Server library — Mongoose Web ServerCWE-140	4.0	Medium	2024-11-18
CVE-2024-42384	Integer Overflow or Wraparound in Mongoose Web Server library — Mongoose Web ServerCWE-190	7.5	High	2024-11-18
CVE-2024-42383	Use of Out-of-range Pointer Offset in Mongoose Web Server library — Mongoose Web ServerCWE-823	4.2	Medium	2024-11-18
CVE-2023-2905	Cesanta Mongoose MQTT Message Parsing Heap Overflow — MongooseCWE-122	9.8	-	2023-08-09
CVE-2017-2891	Cesanta Mongoose 安全漏洞 — Mongoose	9.8	-	2017-11-07
CVE-2017-2922	Cesanta Mongoose 安全漏洞 — Mongoose	9.8	-	2017-11-07
CVE-2017-2921	Cesanta Mongoose 数字错误漏洞 — Mongoose	9.8	-	2017-11-07
CVE-2017-2909	Cesanta Mongoose 安全漏洞 — Mongoose	7.5	-	2017-11-07
CVE-2017-2895	Cesanta Mongoose 数字错误漏洞 — Mongoose	9.1	-	2017-11-07
CVE-2017-2894	Cesanta Mongoose 缓冲区错误漏洞 — Mongoose	9.8	-	2017-11-07
CVE-2017-2893	Cesanta Mongoose 安全漏洞 — Mongoose	7.5	-	2017-11-07
CVE-2017-2892	Cesanta Mongoose 数字错误漏洞 — Mongoose	9.8	-	2017-11-07

This page lists every published CVE security advisory associated with Cesanta. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Cesanta — Vulnerabilities & Security Advisories 30