CVE-2025-12790
Published
CVSS v3
7.4
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle (MITM) attack.
Pure Ruby gem that implements the MQTT protocol, a lightweight protocol for publish/subscribe messaging.
GitHub