Eclipse · Eclipse Mosquitto · CVE-2021-34432
**Name of the Vulnerable Software and Affected Versions**
Eclipse Mosquitto versions 2.07 and earlier
**Description**
The server incorrectly handles a PUBLISH packet with a topic length of 0, which can cause it to crash. A remote attacker can exploit this to disrupt the service. The `topic length` value is the trigger: setting it to 0 causes the crash.
**Recommendations**
For Eclipse Mosquitto versions 2.07 and earlier, as a temporary workaround, consider restricting the handling of PUBLISH packets with a `topic length` of 0 until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
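
One way to apply the workaround above at a filtering layer in front of the broker is sketched below. This is an added example, not code from the advisory or from the Mosquitto project. It assumes plaintext MQTT with one complete control packet per buffer, and the function names and verdict strings are hypothetical.

```python
# Added example: flag MQTT PUBLISH packets whose topic length field is 0.
PUBLISH = 3  # MQTT control packet type (high nibble of the first byte)

def read_remaining_length(buf, pos):
    """Decode the MQTT variable-length 'remaining length'; return (value, next_pos)."""
    value, shift = 0, 0
    for i in range(4):                      # the spec allows at most 4 bytes
        if pos + i >= len(buf):
            raise ValueError("truncated remaining length")
        byte = buf[pos + i]
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos + i + 1
        shift += 7
    raise ValueError("remaining length longer than 4 bytes")

def inspect_packet(buf):
    """Classify one MQTT control packet: 'pass', 'block' or 'malformed'."""
    if len(buf) < 2:
        return "malformed"
    if buf[0] >> 4 != PUBLISH:
        return "pass"                       # only PUBLISH is inspected here
    try:
        remaining, pos = read_remaining_length(buf, 1)
    except ValueError:
        return "malformed"
    body = buf[pos:pos + remaining]
    if len(body) != remaining or remaining < 2:
        return "malformed"                  # no room for the 2-byte topic length
    topic_len = int.from_bytes(body[:2], "big")
    if topic_len == 0:
        return "block"                      # the case the advisory describes
    if 2 + topic_len > remaining:
        return "malformed"                  # topic runs past the packet end
    return "pass"

# Constructed sample packets (not captured traffic)
SAMPLES = {
    "publish a/b": bytes.fromhex("3005" "0003" "612f62"),
    "publish, topic length 0": bytes.fromhex("3002" "0000"),
    "pingreq": bytes.fromhex("c000"),
    "publish, truncated": bytes.fromhex("3001" "00"),
}

def classify_samples():
    return {name: inspect_packet(pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{verdict:9} {name}")
```

MQTT 5 permits a zero-length topic name when a topic alias is used, so a blanket block can reject legitimate MQTT 5 clients that rely on aliases.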