HIGH
FreeRTOS
CVE published 2026-05-15
CVE-2026-8686
A missing bounds validation vulnerability in the MQTT v5.0 property parser of FreeRTOS coreMQTT 5.0.0 allows an MQTT broker to cause denial of service via a crafted packet. The vulnerability was published on 2026-05-15 and last modified on 2026-05-19. The issue is rated HIGH severity with a CVSS score of 8.7. The root cause is identified as CWE-125 (Out-of-bounds Read). FreeRTOS has released coreMQTT vers [truncated]