HIGH
cometd
CVE published 2026-06-18
CVE-2025-53114
CometD, a scalable comet implementation for web messaging, has a high-severity vulnerability tracked as CVE-2025-53114. The issue affects versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8. An attacker can exploit this vulnerability by sending a fixed batch value when the server uses the acknowledgement extension, potentially causing the unacknowledged messa [truncated]