HIGH
JustDoIt0910
CVE published 2026-05-18
CVE-2025-56352
CVE-2025-56352 describes a denial-of-service condition in tinyMQTT CONNECT packet handling. According to the NVD record, a malformed CONNECT with an empty Client ID and CleanSession set to 0 receives a rejection response, but the TCP connection is not explicitly closed, allowing repeated invalid attempts to accumulate open sockets and exhaust broker resources.