Eclipse · Mosquitto · CVE-2017-9868
**Name of the Vulnerable Software and Affected Versions**
Mosquitto versions prior to 1.4.13
**Description**
The issue allows local users to obtain sensitive MQTT topic information due to the world-readable mosquitto.db file, also known as the persistence file.
**Recommendations**
For Mosquitto versions prior to 1.4.13, update to version 1.4.13 or later to resolve the issue. As a temporary workaround, consider changing the permissions of the mosquitto.db file to restrict access until a patch is applied.
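
The temporary workaround above, as an added example (not part of the original advisory or the Mosquitto project): a POSIX shell check that reports whether the persistence file is accessible to all local users and restricts it to its owner. The path in the usage line and the choice of mode 600 are assumptions; use the persistence location configured for your broker.

```shell
#!/bin/sh
# Added example, not from the advisory. The path in the usage line is an
# assumption; take the real persistence location from your mosquitto.conf.

# Succeeds (0) when users other than owner/group hold any permission bit.
is_world_accessible() {
    for bit in 004 002 001; do
        # POSIX find: "-perm -MODE" matches when all bits in MODE are set.
        if [ -n "$(find "$1" -prune -perm "-$bit" 2>/dev/null)" ]; then
            return 0
        fi
    done
    return 1
}

# Restrict the file to owner read/write (mode 600 is an assumed choice).
# Symlinks are refused so chmod cannot be redirected to another file.
restrict_persistence_file() {
    if [ -L "$1" ] || [ ! -f "$1" ]; then
        echo "refusing: $1 is not a regular file" >&2
        return 2
    fi
    chmod 600 "$1"
}

# Audit, then fix. Returns 0 when the file ends up restricted, 2 on error.
check_and_fix() {
    if [ ! -e "$1" ]; then
        echo "missing: $1" >&2
        return 2
    fi
    if is_world_accessible "$1"; then
        echo "EXPOSED: $1 is accessible to all local users; restricting"
        restrict_persistence_file "$1" || return 2
        if is_world_accessible "$1"; then
            echo "still exposed: $1" >&2
            return 2
        fi
    fi
    echo "OK: $1 is not world-accessible"
}

# Usage: sh check_mosquitto_db.sh /var/lib/mosquitto/mosquitto.db
if [ "$#" -gt 0 ]; then
    check_and_fix "$1"
fi
```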